Although it still relates to December 2014, here is the first timeline for 2015, covering the main events that occurred between the 16th and 31st December 2014 (first part here).
No doubt, this Christmas will be remembered for the unwelcome surprise of the DDoS attack performed by the infamous Lizard Squad against the online services of Sony and Microsoft. An attack that has shattered the dreams of many players, just a few minutes after unwrapping their brand new consoles under the Christmas Tree. However, the light that burns twice as bright burns half as long, and inevitably two members of the collective have allegedly been arrested (not before having attempted a Sybil Attack against Tor).
But the latter was not the only attack targeting the Tor anonymity service in this period, which also suffered an unexplained outage affecting a cluster of Tor Directory Authority Servers in a Rotterdam data center.
Other notable events concern the outage of the Internet connection in North Korea (although it is not completely clear whether it was caused by a cyber attack or a fault), malware detected in a South Korean power plant, the attacks targeting the ICANN and the ISC Consortium, two among the most important organizations for the Internet, and (yet another) breach targeting NVIDIA.
Moving to a different topic, all in all the hacktivists decided to enjoy the Christmas vacations, with the exception of the Syrian Electronic Army, who were back and defaced an online magazine, the International Business Times, for an article against the Syrian regime.
Last but not least, with regard to Cyber Espionage, there have been two operations discovered in this period: an alleged attack perpetrated by Chinese hackers against an Afghan CDN targeting directly many local governmental sites, and indirectly many foreign institutions, and also the discovery of the Anunak group, a well-organized crew able to steal USD $25 Million with a long-lasting cyber espionage operation against targets in Europe and the US.
If you want to have an idea of how fragile our electronic identity is in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
As I previously mentioned in the 1-15 August Cyber Attack Timeline, I decided to build a dedicated timeline for the Cyber Attacks between India and Pakistan that happened during the month of August, as they reached an unusual peak in conjunction with the occurrence of the Independence Days in Pakistan (14 August) and India (15 August).
Actually the relationships between the two countries are not what I would define idyllic, and to confirm this scenario, a huge cyber espionage operation against BSNL, the Indian state-owned Telco company, has recently surfaced. In any case, quite predictably, hackers of both sides contributed to add further fuel to the fire with an unusual peak of attacks concentrated around the dates of the Independence Days. These attacks do not have the sophistication typical of state-sponsored operations, since they are mainly “limited” to defacements (so the damage is more symbolic than practical). However, in several cases the targets are of very high profile (as in the case of the Facebook pages of the Pakistan Army).
A short (probably non-exhaustive) summary follows:
Also notice that during the same period Pakistan was targeted by an unprecedented wave of Cyber Attacks by Afghan Hackers.
This is indeed quite curious, since the attacks came at nearly the same time as the first football match between the two countries in Kabul after 36 years (and the first home match of the Afghanistan national team after 10 years). For the record, in the real world, Afghanistan’s footballers won 3-0 over Pakistan.
Another week of Cyber War in the Middle East…
Another week in which pro Israeli hackers seem to have disappeared, and hence have apparently left the scene to Pro Palestine hackers, although not so many high-profile actions have been reported in this period. The only exception to this pattern is represented by Mauritania Hacker Team, who dumped 4000 login accounts from Microsoft Israel Dynamics CRM Online website. This action is particularly significant… Not because it targeted a Cloud service, and not even because it targeted a Microsoft Cloud Service, but most of all because in the wake of the multiple dumps performed by Pro Arab hackers against Israel (among which the dump to the Microsoft Cloud Service was only the latest), Israel’s Justice Ministry has released guidelines forbidding unnecessary collection of personal national identification numbers. This is the first time in which the aftermath of a Cyber War has direct implications on everyday life.
From this point of view the wars fought in the cyber domain are completely different from the wars fought in the real world… In the cyber battlefield the civilians are the primary targets (since they have their personal data dumped) and not collateral victims…
David has shown me another example of the strict connection between real warfare and mobile warfare, which comes from Afghanistan. A few days after the revelations about the Internet in a Suitcase project funded by the Obama Administration and aimed to deploy a “shadow” Internet and a hidden mobile phone network to be used by dissidents, an independent, but somehow similar project has been implemented in Afghanistan. It is called FabFi and it is essentially an open-source, FabLab-grown system using common building materials and off-the-shelf electronics to transmit wireless ethernet signals across distances of up to several miles. In a few words, the main component of this home-made network can be built out of trash.
The Afghan city of Jalalabad has built a high-speed DIY Internet network with main components built out of trash found locally. A FabFi node can be built out of approximately $60 worth of everyday items such as boards, wires, plastic tubs, and cans that will serve a whole community at once.
Since January 2009, the Jalalabad FabLab has demonstrated the capability of the FabFi system by bringing high-speed internet to a village, hospital, university, and a non-governmental organization in Jalalabad, Nangarhar Province, Afghanistan. These low-cost, locally-produced networks can be easily spread across isolated villages and towns, placing them in touch with the outside world and facilitating socio-economic development from the ground up.
Jalalabad’s longest link is currently 2.41 miles, between the FabLab and the water tower at the public hospital in Jalalabad, transmitting with a real throughput of 11.5Mbps (compared to 22Mbps ideal-case for a standards-compliant off-the-shelf 802.11g router transmitting at a distance of only a few feet). The system works consistently through heavy rain, smog and a couple of good sized trees.
The project is important from a double perspective: from a technological point of view it allows high speed connectivity for war zones, or rather zones lacking conventional broadband. From a sociological point of view it confirms the strict relationship between Internet and Democracy, and (in)directly it also confirms that the Internet is a fundamental weapon for fights in favor of democracy, what we called the Mobile Warfare.
I could not help noticing, by tweeting with my colleague David:
@cencio4 if you make a parallelism with real warfare, it is like building home made weapons for guerrilla.
And, as a matter of fact, in order to further emphasize the parallelism, he replied:
@paulsparrows that’s exactly what rebels did in Libya with parts of helos on Mad Max-like vehicles
Take the examples of Afghanistan and Libya, invert respectively the terms Internet Connectivity and Weapons, and the result is exactly the same.