About these ads

Archive

Posts Tagged ‘2012’

December 2012 Cyber Attacks Statistics

January 9, 2013 2 comments

December (and hence this 2012) is gone, so it is time to analyze the statistics for the corresponding Cyber Attacks Timelines.

According to the Daily Trend of December, the Christmas break has not stopped the hackers. The trend is quite constant (with a decrease around the end of the month) and with a peak around the 21st of December (the alleged End of the World according to the Mayan Calendar).

Daily Trend December 2012

The Motivations Behind Attacks chart shows an inversion of tendency in comparison with November. Cyber Crime and Hacktivism had nearly the same impact with respectively the 47% and 46% of occurrences. It is also interesting the presence of Cyber Warfare and Cyber Espionage Campaigns (mainly concentrated in the East).

Motivations December 2012

Also in December, the Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection, even if with a slightly lower impact than the previous month when it was at the 52%: nearly one attack on three has been carried on with this technique. Instead, in almost one attack on four, there was not enough information. Despite the attacks by Izz ad-Din al-Qassam Cyber Fighters, the weight of DDoS is progressively decreasing (this category ranks at number four with the 17% of occurrences), while, on the other side, the number of discovered targeted attacks is growing. Maybe they are increasingly attracting the attention of Security Researchers.

Distribution December 2012Again an inversion in comparison with November: the Distribution Of Targets chart shows that in the December cyber-crooks diverted their attention for targets belonging to the Government sector, even if industries and organizations are very close (the peak of the latter is due to the campaign of the Anonymous against the Westboro Baptist Church. It is also interesting to notice the peak of attacks against Financial institutions mainly due to the waves of DDoS attacks against the U.S. Bank.

Targets December 2012

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the December Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

1-15 December 2012 Attack Statistics

December 22, 2012 Leave a comment

Let us gave a look to the landscape of Cyber Attacks, during the first half of December 2012. Apparently cybercrooks are taking a break for Christmas, since, according to my selection Criteria, the number of attacks has shown a small decrease in comparison with the previous months.

The Daily Trend shows an inconstant trend with two peaks around respectively the 3rd December and the 11th and 12th (the latter due to the peak of Cyber Attacks against the US Banks).

Daily Trend 1-15 December 2012The Motivations Behind Attacks chart shows, for the first time since August, the overtake of Hacktivism against Cyber Crime. Let us see if this trend will be confirmed until the end of the year.

Motivations 1-15 December 2012

The Distribution Of Attacks chart confirms that SQL Injection confirms to be the weapon preferred by Cyber Attackers with nearly one third of the occurrences (the value reaches nearly the 40% if one sums also the cases in which the attack seems to have been carried on with this technique but no enough evidences have been collected). In my opinion it is also important to notice the presence in the chart of several attacks perpetrated exploiting application vulnerabilities, but also the growing presence of targeted attacks (as usual you can find the details on the corresponding Cyber Attack Timeline.

Distribution 1-15 December 2012

Instead, at least for the first half of the month, the Distribution of Targets chart seems quite fragmented. Governmental targets lead the chart, but Financial, Industrial and Organizational targets are very close. Maybe the fragmentation depends from the partial sample. The second half of December will tell us if cybercrooks will concentrate their attacks against a specific sector.

Targets December 2012

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-15 December 2012 Cyber Attacks Timeline

December 17, 2012 2 comments

Christmas is coming quickly, we have just passed the first half of December, and hence it’s time for the first update of the Cyber Attacks Timeline for December.

The Team GhostShell has decided to close the year with a clamorous Cyber Attack, and hence,as part of the project ProjectWhiteFox, has leaked 1.6 million of accounts from several organizations all over the world. This is the most important event for this first part of the month that apparently has shown a decreasing trend. Hacktivists are still focusing their attention (and their keyboards) to Israel, and Cyber Criminals are maybe preparing for the Christmas attacks.

However, the main events of the first half of December, are related to hacktivism, besides the above mentioned cyber attack, it worth to mention the new wave of massive DDoS attacks against US Banks (up to 60 Gbps of peak according to Arbor Networks), but also the leak of a ITU document on the future of Deep Packet Inspection and the attacks in Egypt, Mexico and India.

Last but not least: this two weeks also offered a giant attack to the famous Social Platform Tumblr and also the warning of the Switzerland’s national security agency (NDB) that a huge amount of secrets may have been leaked by a disgruntled IT Administrator.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-15 December 2012 Cyber Attack Timeline Read more…

November 2012 Cyber Attacks Statistics

December 9, 2012 3 comments

From an information security perspective, November has been a month with two faces. The first part of the month has been characterized by hacktivism, nevertheless the Cyber Crime has reached an unprecedented level with the 69% of occurrences.

Let us begin with the Daily Trend chart. This chart confirms the influence of cyber attacks motivated by hacktivism in the first half of the month that explain the peak around the 5th of November.

Daily Trend Nov 2012

Despite the peak of attacks motivated by hacktivism occurred in the first half of the November, the Motivations Behind Attacks chart confirms the predominance of Cyber Crime with nearly the 69% of occurrences, followed by Hacktivism with the 28%. This growing trend of Cyber Crime is in line with the previous months even if the frequency has reached an unprecedented value (the higher so far).

Motivations Nov 2012

Also in November, the Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection. Nearly one attack on two has been carried on with this technique. It is also interesting to notice the presence of DNS Poisoning: November has brought three attacks executed with this method.

Techniques Nov 2012

The Distribution Of Targets chart shows the preference of cyber-crooks for targets belonging to the Industry sector. Even if the difference with governmental targets is only one point (19% against 18%), this is in contrast with the previous month where the ranks were exactly opposed (governmental targets led the chart with the 31%). Educational targets are “stable” at the 11% (were the 13% during the previous month). Curiously this month has registered a peak of attacks against Torrent sites.

Targets Nov 2012

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the November Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 November 2012 Cyber Attacks Timeline

December 4, 2012 1 comment

November has gone and it’s time to review this month’s cyber landscape.

From a Cyber Crime perspective, November 2012 will be probably remembered for the breach to Nationwide, one of the largest insurance and financial services providers in the US, a breach that has potentially left up to 1 million users exposed. Unfortunately, in terms of massive breaches, this is not the only remarkable event of the month, just at the end Acer India has suffered a massive cyber attack culminated in the leak of nearly 15,000 records. Not comparable with the breach that affected Nationwide, but for sure of big impact.

Also on the cyber-espionage front this month has been interesting: JAXA, the Japan Space agency has been targeted by yet another targeted attack (after January 2012) and Symantec has discovered W32.Narilam, a new destructive malware targeting several nations in Middle East.

The hacktivist front has been characterized by the dramatic events in Gaza, the attacks have reached a peak around the first half of the month (as in the first part, I did not take into consideration the attacks carried on in name of OpIsrael for which I wrote a dedicated timeline), in any case the Anonymous have found another way to mark this month, leaking 1 Gb of documents from the Syrian Ministry of Foreign Affairs.

Last but not least, this month has seen three large-scale DNS Poisoning attacks (against the Pakistani Registrar PKNIC, Inc., GoDaddy, and the Romanian Registrar). A very rare occurrence!

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 November 2012 Cyber Attacks Timeline

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1-15 November 2012 Cyber Attacks Statistics

November 23, 2012 Leave a comment

This November 2012 seems really to be endless from an Information Security Perspective. We have assisted so far to a remarkable number of Cyber Attacks.

As usual is it time to provide the partial snapshot of November taken from the corresponding Cyber Attack Timeline and covering the first half of the month. Please notice that the stats below do not include the following events:

  • The massive leak of Team Ghostshell for ProjectBlackStar (2.5 million accounts leaked from different targets in Russia);
  • The Cyber Attacks executed by the Anonymous and the other affiliated collectives for OpIsrael.

The above attacks have been executed on a much wider scale so counting the singe events would be senseless. Anyway other Sites have done an excellent Job for the aggregated stats of those attacks, see for instance OZDC.net for Project Black Star, and OpIsrael.

With this in mind let us proceed to examine the Daily Trend Of Attacks. Please notice the peak of November 5 (no need to comment it!):

Of course the Motivations Chart reflects this trend with the 60% of the attacks considered in my sample led by hackitivism. Apparently no different motivations than Hacktivism and Cyber Crime have been observed in this period.

I use not to take into considerations defacements, but this time their impact on the past two weeks has been very high. This is clearly shown in the Techniques Chart, where they rank at the first place, together with SQL Injection, with the 33% of occurrences:

As usual, the Target chart shows that Governmental targets rank at number one, immediately followed by targets belonging to Industry. Please notice the peak of Torrent Sites. This is due to the waves of DDoS Attacks carried on by Zeiko Anonymous, only because he has not been able to obtain an invite to a close torrent forum. Nothing to add: the reasons for hacking may range from Cyberwar to “simple” whims.

Please, as usual, take the sample very carefully since it refers only to discovered attacks (the so-called tip of the iceberg), and hence does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,088 other followers