Archive
April 2013 Cyber Attacks Statistics
As I do every month (unfortunately with a constantly growing delay, here are the statistics extracted from the cyber attacks timelines for April 2013.
As usual, let us begin with the Daily Trend Chart. The peak of April the 2nd seems to be quite an exception for a quiet month, showing a constant trend, except for the decrease towards the end.
Similarly to March, the Motivations Behind Attacks Chart confirms the predominance, inside the sample, of the attacks motivated by hacktivism, leading the chart with 56% (was 50% during the previous month).
And, again, similarly to March, DDoS leads the Distribution of Attack Techniques Chart with nearly 35%. SQLi ranks at number three with nearly the same value than the previous month (13.5%). It is worth to mention the rise of the cases of account hijacking, on the rise of the attacks carried on by the Syrian Electronic Army.
Again, the wave of DDoS attacks affects the Distribution Of Targets Chart, lead by Financial Targets with 32%, twice as much as the industrial sector, ranking at the second place with nearly 15%. Apparently the attention against the governmental targets is decreasing, as a result, they rank at number three with 10.7%.
As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- March 2013 Cyber Attacks Statistics (hackmageddon.com)
- 16-30 April 2013 Cyber Attacks Timeline (hackmageddon.com)
- 1-15 April 2013 Cyber Attacks Timeline (hackmageddon.com)
16-30 April 2013 Cyber Attacks Timeline
Here’s the second part of the April cyber attacks Timeline (Part I at this link)
The most remarkable event of this period has certainly been the breach suffered by Living Social potentially exposing 50 million customers of the e-commerce website. Other illustrious victims of the month include the mobile operator DoCoMo and the online reputation firm Reputation.com.
The wake of DDoS attacks has continued even in the second part of the month: once again several U.S. banks have fallen under the blows of the Izz ad-din al-Qassam Cyber Fighters.
Like in the first half of the month, following a consolidating trend in this 2013, the Syrian Electronic Army has continued his wave of attacks against Twitter accounts (even the FIFA has been targeted). In one case, the hijacking of the Twitter account of Associated Press, the bogus tweets related to an alleged attack against the White House, the effect has crossed the boundaries of the cyber space (the Dow Jones Industrial Average fell 150 points, or about 1 percent, immediately following the tweet).
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
1-15 April 2013 Cyber Attacks Timeline
I know, I am a little late this month. We have just entered May and I was able to publish the first part of the Timeline of April. I will try to maintain the usual rhythm and to be more punctual for the next releases.
Anyway, the first part of April has offered many interesting port with several large scale attacks and massive breaches. The first category includes the Darkleech malware against Apache, and the gigantic brute-force attack against WordPress. The second category includes the attacks against two primary Japanese portals, the FPS War Z, Scribd, Linode, and, most of all Schnucks Markets, targeting potentially 2.4 million users.
But not only Cyber Crime in this month, even the hacktivists were quite active with their OpIsrael 2 (and its controversial damage report), the wake of attacks against North Korean web sites, and even the sixth week of DDoS attacks against the U.S. Banks carried on under the so-called Operation Ababil.
Hard times for System Administrators!
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Read more…
March 2013 Cyber Attacks Statistics
It is time to summarize the timelines of March (part I and part II) into statistics. Of course this exercise does not aim to be exhaustive but only to provide a snapshot of the current landscape.
The Daily Trend chart shows a decrease of the attacks in the second part of the month with an isolated peak on the 20th: the day of the wiper attack in Korea. Except for this the trend is clearly decreasing
Hacktivism is still on top of the Motivations Behind Attacks chart with 50% of occurrences. Same rank and a value similar to the previous month when it was at 56%. Also March confirms that Cyber Espionage campaigns are becoming more and more frequent (or at least deserve an important coverage on the chronicles). Symptom of a growing attention or simply a media hype?
The Distribution Of Attack Techniques is influenced by the Operation Ababil against U.S. Banks, that has pushed the DDoS at number one with nearly one attack above two during this month. This is very different from the previous month when SQLi led the chart with 34%. Even in this case it is important to notice the growing presence of targeted attacks on the chart (strictly related to the growing coverage of Cyber Espionage campaigns).
Last, but not least, the Distribution of Targets chart shows the financial targets at number one with nearly 30% (a clear influence of the attacks against U.S. Banks). Governmental targets are immediately behind with 25.5%. At number three a (relatively) new entry: target belonging to the news sector gain the bronze medal with the 12.4% of occurrences.
As usual, as I told before, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
1-15 March 2013 Cyber Attacks Statistics
Here are the statistics for the main cyber attacks collected during the first half or March and reported inside the corresponding Timeline.
The Daily Trend chart shows quite an heterogeneous shape, with a peak occurring on the 13th mainly due to the wave of defacements against high profiles Philippine governmental targets. Instead the wave of DDoS attacks in the Czech Republic is the cause of the peaks occurred during the 4th, the 6th and the 7th.
The Motivations Behind Attacks chart shows a revamp of Cyber Crime, at number one with the 49% of attacks (against the 31% of the previous month). However the influence of hacktivism remains equally high (48%).
The Distribution Behind Attacks is influenced by the waves of attacks in Czech Republic and by the third phase of the Operation Ababil. As a consequence the DDoS flies at the first place of the chart, slightly above the 50%, and well beyond SQLi that ranks at the second place with “only” 13.2% of occurrences.
But the effect of the wind of hacktivism does not end here. In fact the Distribution of Targets chart puts financial targets at number one with 27.5% of occurrences, immediately above governmental (26.4%) and twice as higher as news media, at number three with 14.3 of occurrences. It is interesting to note the “fall” of the targets belonging to industry, that, in the first two weeks of March, collected a “poor” 9.9% (but maybe this is one of those chart in which the smaller the value, the better it is).
I will never give up repeating that the sample must be taken very carefully and does not pretend to be exhaustive, since it refers only to discovered attacks included in the 1-15 March Cyber Attacks Timeline (the so-called tip of the iceberg). The purpose is only to provide an high level overview of the “cyber landscape”.
In any case, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- February 2013 Cyber Attacks Statistics (hackmageddon.com)
- 1-15 March 2013 Cyber Attacks Timeline (hackmageddon.com)
1-15 March 2013 Cyber Attacks Timeline
Other troubles for system administrators: March is confirming the 2013 dangerous trend with several high profile breaches against industrial, financial and governmental targets.
The first two weeks of March have begun with the breach to Evernote, and continued with (among the others) the third phase of the infamous Operation Ababil, targeting U.S. Banks and an alleged Chinese attack against the Reserve Bank of Australia.
Additional noticeable events include a wave of DDoS attacks against several Czech Republic’s targets (belonging to media, news and financial sector), a breach suffered by the NIST Vulnerability Database (unfortunately not an isolated example of the attacks against US governmental targets happened in these two weeks) and also the leak of 20,000 records from an Avast! German distributor.
Last but not least, the examined period has also confirmed the role of Twitter as the new mean to make resounding attacks against single individuals or organizations. Qatar Foundation, Saudi Aramco, and France 24 are only several of the organizations fallen victims of accounts hijacking.
Of course, these are only the main events, feel free to scroll down the list to analyze in detail what happened in these two weeks.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Once again, a special thanks to Kim Guldberg AKA @bufferzone for continuously advising me about significant cyber events through the Submit Form! Much Appreciated!
February 2013 Cyber Attacks Statistics
Quick Update: More and more visitors ask where the data for the statistics is collected from. It is indicated at the end of each post, but for those that do not feel like to read until the bottom: the stats are an aggregation of the corresponding Cyber Attack Timeline of the current month.
Although the number of Cyber Attacks in February has not reached the level of January, the level of attention in this part of the year remains high.
The Daily Trend of Attacks chart clearly shows a peak around the 23th of February, the International Privacy Day, when the Anonymous unleashed their OpBigBrother, concentrating the fire against industries related to Video Surveillance and several Law Enforcement Institutions. Other “trafficked” day of the month were the 3rd and the 15th.
The Motivations Behind Attacks chart confirms the prevalence of hacktivism with 56% of occurrences, exactly the same percentage observed in January. Cyber Crime is stable at number two, even if its percentage dropped from 40% to 31%. It is interesting to notice, month after month, the growing number of Cyber Espionage campaigns discovered.
SQLi leads the Distribution Of Attack Techniques chart with 34.3% of occurrences, a value similar to the one encountered in January (32.6%) when this category of attacks ranked at number two. One month ago, the first place was for DDoS, which apparently is loosing appeal in February, dropping from the first to the fifth place with a small 8%, far from the 39% of the previous month and also overtaken, by Targeted Attacks (11.7%). The next months will tell us if this is the beginning of a new trend or simply an isolated sporadic event.
Last but not least,industry targets lead the Distribution Of Targets charts. This is a consequence of the spree of attacks against video surveillance industries happened on February the 23rd. Governmental targets confirm their second place with a value (23.7%) close to the one registered during the previous month. Targets belonging to organizations rank at the third place, in front of financial targets.
As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 and 16-28 February 2013 Cyber Attacks Timelines (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- January 2013 Cyber Attacks Statistics (hackmageddon.com)
- 16-28 February 2013 Cyber Attacks Timeline (hackmageddon.com)
- 1-16 February 2013 Cyber Attacks Timeline (hackmageddon.com)
16-28 February 2013 Cyber Attacks Timeline
It is time for the summary of the second half of February, two weeks of remarkable cyber attacks against high-tech giants, massive breaches and Twitter Account Hijackings.
Probably the most resounding events of this period (maybe more for the high profile of the victims than for the actual effects) are the two attacks, allegedly originating from China, (with a common root cause, the compromising of an iPhone developer forum) carried on against Apple and Microsoft.
But not only the two high-tech giants, other illustrious victims have fallen under the blows of hacktivists and cyber criminals. The list is quite long and includes Bank of America, American Express, Casio, ZenDesk, cPanel, Central Hudson Gas & Electric Corporation, etc.).
Last but not least, the unprecedented trail of Cyber attack against Twitter Profile belonging to single individuals (see Donald Trump) or Corporations (Burger King and Jeep). Maybe it is time to change the passwords…
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
A special thanks to Kim Guldberg AKA @bufferzone for continuously advising me about significant cyber events through the Submit Form! Much Appreciated!
1-15 February 2013 Cyber Attacks Statistics
It is time for the statistics related to the Cyber Attacks occurred during the first half of January and inserted into the the corresponding timeline.
The Daily Trend of Attacks shows two major peaks, during the 3rd of February (corresponding to the wave of DDoS attacks against Egypt Governmental targets carried on in name of OpEgypt), and just at the end of the month, when the attacks in name of OpKashmir became stronger. A third peak is visible during the 8th and, not a coincidence, it is still due to hacktivism, and in particular to the so-called OpBankUnderAttack.
The Motivations Behind Attacks Chart confirms the trend consolidated in January with Hacktivism still at the top with exactly the same percentage (56%). Cyber Crime Ranks at the second please with one half of the occurrences (28%). It is interesting to notice the Cyber Espionage that has reached its higher value (9%), maybe a consequence of the hype surrounding APT that is characterizing this period. For the first time I also had to insert a new motivation: Art. Frankly I did not find any other way to explain the Democratization of the Offshore Business made by the Italian Artist Paolo Cirio.
SQL Injection keeps on leading the chart related to the Distribution Of Attack Techniques with 31% of occurrences, almost double than DDoS at the second place with 15.6%. It is particularly interesting to notice the presence of Targeted Attacks at the third place, the higher rank ever reached so far. Media hype on the wake of the clamorous attacks of the last days, or a real increased effectiveness of the technologies that allow to detect an increasingly growing number of attacks belonging to this class of threats?
Last but not least, the Distribution of Targets Chart confirms governmental targets at the first place with nearly 30%, immediately followed by, as usual, industries (18.8%) and organizations (12.5%). In any case the level of attention of crooks is also high against targets belonging to the Financial and News sector, which steadily rank respectively at number 4 and 5 of this unwelcome chart with the 10.9% and 9.4%. The others follow….
As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 February 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
1-16 February 2013 Cyber Attacks Timeline
Here is the summary of the Cyber Attacks Timeline for February. A month that will probably be remembered for the “sophisticated” cyber attacks to the two main social networks: Facebook and Twitter.
But the attacks against the two major social networks were not the only remarkable events of this period. Other governmental and industrial high-profile targets have fallen under the blows of (state-sponsored) cyber criminals: the list of the governmental targets is led by the U.S. Department of Energy and the Japan Ministry of Foreign Affairs, while Bit9, a primary security firm, was also targeted, leading the chart of Industrial targets.
Hacktivists have raised the bar and breached the Federal Reserve, leaking the details of 4,000 U.S. Banks executives. Similarly, the Bush family was also targeted, suffering the leak of private emails.
Even if the list is not as long as the one of January, it includes other important targets, so, scroll it down to have an idea of how fragile our data are inside the cyberspace. Also have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.
About The Author
Support My Work!
Share:
News
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
Visitors from…
