Archive

Posts Tagged ‘Anonymous’

1-15 April 2015 Cyber Attacks Timeline

Spring is sprung, but unfortunately the nice season is not enough to keep the crooks’ hands off their keyboard, as the growing trend continues, and this first half of April has shown a sustained number of attacks.

The most illustrious victim is Lufthansa, whose frequent-flyers website has been hacked, with the attackers able to harvest miles from the unaware victims. Other noticeable events, always related to cyber crime, include the compromise of Linux Australia, and the discovery of Operation Buhtrap, a campaign targeting Russian banks.

But it’s maybe the cyber espionage front, the one that offered the most interesting events over the past two weeks. Chronicles reports a Russian intrusion inside the White House, the discovery of APT30, a decade-long state-sponsored campaign targeting South-East Asian assets, and the first example of an APT-to-APT campaign, something fairly more complex than a simple skirmish between Hellsing and Naikon, two enemy gangs.

Last but not least the Hacktivism has offered some remarkable events either. The most devastating has happened in France, where Pro-ISIS hackers have taken off TV5Monde, a national broadcast. And that’s not been the only one, since other minor defacements, carried on by Islamist hackers, have interested targets all over the world. Among the victims of this tide of attacks there is also the official Vatican website, despite the reason of the attack is a retaliation against the words of Pope Francs, who used the term ‘genocide’ to refer the mass killing of Armenians by Turks.

The 7th of April was also an important date for the hacktivists all around the world. Each year in this day, they reunite their efforts against a single target: Israel, which becomes the victim of the so-called OpIsrael. Of course this punctually happened, but just like the past year, the damages were marginal.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Apr 2015 Cyber Attacks Timeline Read more…

16-31 March 2015 Cyber Attacks Timeline

I am back in business after a short vacation period (now and then it happens!), just in time to publish the second Cyber Attack timeline of March (the first one is here), which confirms the growing trend we have been experiencing in 2015.

Two weeks packed with events, started in the worst possible way, with the massive cyber attack against Premera Blue Cross (11 million customers affected), and continued with the same baffling trend, since the list of organizations targeted by massive breaches, includes other primary companies such as British Airways, Slack and Twitch (an Amazon-owned game video streaming service).

Two weeks that also saw a sustained DDoS attack against GitHub, the discovery of several campaigns (Operation Woolen-Goldfish, the Trojan.Loziak malware targeting oil and gas companies, and the Volatile Cedar campaign originating in Lebanon), and also an official statement issued by the South Korean government, blaming North Korea for the network intrusions that stole data from Korea Hydro and Nuclear Power (KHNP).

In background, the usual sea of smaller events driven by hacktivism or cybercrime.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Mar 2015 Cyber Attacks Timelines Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1-15 March 2015 Cyber Attacks Timeline

Spring is at the door, and finally the endless winter is coming to an end. I am just wondering if the crooks are starting to enjoy the first rays of sun, given the relatively low level of attacks in the first half of March.

Effectively, for the first time since several months, no massive breaches have been recorded. But don’t get carried away: the second half of March has begun in the worst possible way with the gigantic breach suffered by Premera (definitely a deja vu).

In any case, during the first half of the month, there have been several remarkable attacks driven by criminal intentions, however none of them has achieved the levels we have been used to in the previous months (not for long unfortunately).

Shifting to hacktivism, the Pro-Palestinian collective Anonghost was back in action, and even the Anonymous were back from stealth mode. However the most active actors have been the pro-isis hackers, who have defaced hundreds of Western sites, forcing the FBI to investigate these incidents. It is impossible to count all the victims, so just a special mention for them.

The Cyber Espionage has maybe offered the most peculiar attack, consisting in the hijacking of the internet traffic for 167 important British Telecom customers (including a UK defense contractor) towards Ukraine, before reaching their final destination. Even if the key question probably remains unsolved: was this a gigantic routing blunder or a very large scale attack?

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Mar 2015 Cyber Attacks Timeline Read more…

1-15 February 2015 Cyber Attacks Timeline

February 17, 2015 Leave a comment

I was delivering to Anthem the very unwelcome prize for the first massive breach of 2015, when the Operation Carbanak has brought an unexpected tail to this first half of February.

These two events have undoubtedly characterized this timeline and overshadowed all the others: on one hand, a massive cyber attack (allegedly carried on by Chinese hackers) targeting one of the largest US ensurers, able to scoop up 80 million records. On the other hand, a sophisticated long lasting campaign, stealing more than $300 million on 100 banks in 30 nations.

It is very hard to choose which one deserves the (not so) coveted prize, in any case a consideration is worth: there could not have been a worst way to begin this 2015 Infosec year.

Moving on along the timeline, other interesting events appear, such as the compromising of the Forbes web site (again Flash is on the spot) by a Chinese APT Group dubbed Codoso, a “mobile tail” of the Operation Pawn Storm, now spreading to iOS devices, and eventually an unprecedented campaign targeting Syrian rebels using a combination of fake social media and Skype accounts associated with fictional female characters.

In background, as usual, multiple events driven by hacktivism, whose most remarkable one is undoubtedly the massive campaign carried on by the Anonymous collective, aimed to erase hundreds of pro-ISIS accounts and profiles from the Cyber Space (in particular from Facebook and Twitter).

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Feb 2015 Cyber Attacks Timeline Read more…

1-15 January 2015 Cyber Attacks Timeline

January 20, 2015 4 comments

It’s now time for the first chart of this 2015, a year that has begun in the worst way even from an Information Security perspective, given the high number of attacks recorded in the first half of January.

Unfortunately the sad events happened in Paris have inevitably conditioned this period: France has been the target of an unprecedented number of cyber attacks (approximately 19,000) allegedly carried on by Islamist hackers and strictly related with the events of the Charlie Hebdo. Nearly in contemporary, the Anonymous have declared war against the IS-IS and have taken down several Jiahdist sites. In the meantime the pro IS-IS hackers of the Cyber Caliphate have found the time to hijack the Twitter account of the CENTCOM: the US military command that oversees operations in the Middle East.

France has also been one of the main targets for Cyber Criminals, since the most remarkable breach of this two weeks has hit the shopping site of TF1, the most important local TV stations (nearly 2 million records possibly compromised). There is also indication of a possible attack to the Spanish affiliate of Orange, but it has not been confirmed.

Other noticeable events of this period concern a possible breach to the EA/Origin service, another (failed) attempt to blackmail a bank, perpetrated by the infamous Rex Mundi collective, and, on a different scale a massive malvertising campaign targeting sites with a combined total monthly traffic of around 1.5 billion visitors.

However, at least for once, I have not recorded events related to Cyber Espionage.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Jan 2015 Cyber Attacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1-15 December 2014 Cyber Attacks Timeline

December 22, 2014 Leave a comment

It’s time for the first Cyber Attacks Timeline of December (and the last for 2014).

Of course the attention of the infosec professionals is still concentrated on the devastating cyber attack against Sony happened in November (and the world as we know it, won’t be the same again), nonetheless this first 15 days have shown some remarkable events, not least the news of a breach happened earlier this year to Sony (once again), which went unreported.

At least for once, let us start from hacktivism. The hacktivists seem to be back in action: the Anonymous have taken part, directly or indirectly to several operations motivated by the racial tensions in the US (DDoS attacks against Oakland and Ontario), the raids against the Pirate Bay (leaks of Governmental emails), and the protests against the new High Speed Train line connecting Turin and Lyon (the defacement of  Official website of the Rhône-Alpes region).

A different form of hacktivism (but the border with Cyber Warfare in this case is really blurred) hit Sands Casinos earlier this year. Bloomberg has revealed that an apparent innocuous defacement happened in February was actually the mark of a more devastating attack perpetrated by Iranian hackers, who were able to wipe out all the internal clients and servers.

The Cyber Crime landscape (again maybe it should be more correct to call it Cyber Warfare) is still dominated by the outcome of the Infamous attack to Sony. Other interesting events concern the attack to an unnamed steel industry in Germany, causing physical damages, yet another wave of DDoS attacks against Sony (again!) and XboX Live, and the alleged compromise of Ars Technica requiring the registered users to change their passwords.

Last but not least, the level of state-sponsored operations is always high: at least three of them deserve to be mentioned: Operation Cleaver (allegedly backed by Iran), the resurrection of the Red October Group (Cloud Atlas or Inception) and also the discovery that the ISIS is active also in the Cyber Space, targeting a group of Syrian activists.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2014 Cyber Attacks Timeline Read more…

16-30 November 2014 Cyber Attacks Timeline

December 2, 2014 Leave a comment

The Cyber Monday has just gone, and here we are with the second Cyber Attacks Timeline of November (Part I here).

Even if no massive breaches against retailers have been discovered so far (however do not get carried away since they will probably need several weeks to surface!), this month equally shows some remarkable events for Cyber Crime, Hacktivism and Cyber Espionage.

Actually I just really did not know where to begin, since each sector shows at least one noticeable events. However, after scrolling down the list, I believe that the crown of the month is all for the powerful Regin, the brand new cyber weapon discovered by Symantec. If you believed that the complexity of Stuxnet, Flame and Duqu was a closed page, you will have to change your mind.

This event has overshadowed the massive attack against Sony Pictures Entertainment, allegedly traced to North Korea, in the wake of the release of the comedy “The Interview”, which has been deemed discriminatory against the country and inciting to terrorism. This attack, which has more then one similarity with the infamous Dark Seoul, has completely blocked the Sony internal IT network and is making happy many individuals worldwide, since several Gigabytes of unreleased material are being leaked in these hours.

Last but not least the hacktivists are back! Not only the Syrian Electronic Army has exited stealth mode, with an attack to Gigya, an identity management platform, which has affected many illustrious victims worldwide, but also the Anonymous have been the authors of several attacks, just like the good old days, in the wake of the controversial decision of the Ferguson grand jury decision.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 November 2014 Cyber Attacks Timeline Read more…

Follow

Get every new post delivered to your Inbox.

Join 3,710 other followers