Posts Tagged ‘2011 Cyber Attacks’

2014 Cyber Attacks Statistics (Aggregated)

January 13, 2015 Leave a comment

As I did exactly one year ago, I have consolidated all the stats collected during 2014 with the intention to provide an high level overview of the past year. Of course this data does not pretend be exhaustive, I’d rather prefer to define the charts as macro-indicators of the threat landscape and the corresponding trends, since the sources of the timelines (from which the stats are derived) are open and therefore only show cyber attacks that were discovered and gained space in the news.

It is interesting to compare the trend of 2014 with the two previous years. It appears to be more stable, even if the overall level has been lower. The reason of this? Maybe the decreased impact of hacktivism and the major attention of the media towards the massive breaches that characterized the past year.

Monthly Trend

On the other hand, if one considers the drill down of the motivations month-by-month, it is even clearer the impact of Cyber Crime.

Monthly Trend (Drill Down)

And obviously the aggregated yearly distribution of motivations confirms this trend: Cyber Crime ranks at number one with 62.3% (it was 47% last year) followed by Hacktivism (24.9%, was 44% last year). It is interesting to notice the rise of Cyber Espionage that doubled its percentage (10.2% vs 5% in 2014).

Yearly Motivations

Defacement leads the chart of known Attack Techniques (16.4%, was 14% last year) ahead of SQLi (14.3%, down from 19% last year) and Account Hijacking (10.9%, a value slightly higher than last year when it was at  9%). It’s also worth to mention the Influence of Targeted Attacks (10.5%) and Malware, which in practice rank on top if one consider also the PoS Malware (the aggregated value is 17.3%).

Yearly Attack Techniques

Just like 2014, Governments and Industries have been the most preferred targets for Cyber Attackers with similar values (respectively 27.1% and 25.2%), with a substantial growth year-over-year (in 2014 they were respectively 23% and 22%). Targets belonging to Finance rank at number three (15.7%, more than twice in comparison with 2014). Organizations and news come after with respectively 8.3% and 6.6%.

Yearly Targets

As usual, bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

July 2012 Cyber Attacks Statistics (Part I)

Here we are with the statistics from the Cyber Attack Timeline for the first half of July 2012. The sample included 39 attacks which have been analyzed according the three familiar parameters: Motivations behind attacks, Distribution of attacks techniques and Distribution of targets.

As far as Motivations Behind Attacks are concerned, the first two weeks of July confirmed the trend of the last months: Cybercrime ranked at number one with nearly the 70% of the occurrences, well ahead hacktivism, at number two with the 23%. Cyber Warfare and Cyber Espionage are well behind with respectively the 5% and 3% of the attacks.

The Distribution Of Attack Techniques has shown, for the first half of July, a considerable number of attacks of unknown origin. As a matter of fact, in more than one half of the occurrences (53%) it has not been possible to track the attack technique used by cyber croockers, at least according to the available information. In all those cases in which it has been possible to track the attacks, the first half of July has seen an overtake of DDoS (18%) against SQL Injection (13%), although if one sums the total occurrences of SQL Injections (certain and claimed, the latter are characterized by a question mark in the chart), the total of SQLi is a remarkable 21%, slightly greater than DDoS). I had to modify this chart after I came across an article indicating an SQL Injection attack as the vector of the breach suffered by Nvidia.

The Distribution of Targets chart confirms the Industry at rank number one with the 38% of occurrences. In any case, if we do not consider the fragmentation of this category (I have dedicated an apposite chart to drill it down), Governments have confirmed to be the most vulnerable targets with the 10% of the occurrences, corresponding to the most vulnerable single category.

Amongst the single categories, Law Enforcement Agencies rank at number two with the 8% of occurrences, followed by Education targets, online forums and political organizations, each one of them with the 5% of occurrences.

Again, please notice that data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period. Moreover, remember that the most dangerous threats are the invisible ones.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

July 2011 Cyber Attacks Timeline

August 2, 2011 5 comments

This awful infosec July is over, and finally we can sum up the Cyber Attacks reported during this month. I collected all the available information and inserted it inside the following chart. Where possible (that is enough information available) I tried to estimate the cost of the attacks using the indications from the Ponemon’s insitute according to which the average cost of a Data Breach is US $214 for each compromised record. The total sum (for the known attacks) is around $7.6 billion, mainly due to the “National Data Breach” of the South Korean Social Network Cyworld.

Approximately 16 attacks were directly or indirectly related to Antisec or Anonymous, they promised an hot summer and unfortunately are keeping their word…

Useful resources for compiling the (very long) chart were taken from:



Get every new post delivered to your Inbox.

Join 3,320 other followers