Archive
1-15 December 2012 Cyber Attacks Timeline
Christmas is coming quickly, we have just passed the first half of December, and hence it’s time for the first update of the Cyber Attacks Timeline for December.
The Team GhostShell has decided to close the year with a clamorous Cyber Attack, and hence,as part of the project ProjectWhiteFox, has leaked 1.6 million of accounts from several organizations all over the world. This is the most important event for this first part of the month that apparently has shown a decreasing trend. Hacktivists are still focusing their attention (and their keyboards) to Israel, and Cyber Criminals are maybe preparing for the Christmas attacks.
However, the main events of the first half of December, are related to hacktivism, besides the above mentioned cyber attack, it worth to mention the new wave of massive DDoS attacks against US Banks (up to 60 Gbps of peak according to Arbor Networks), but also the leak of a ITU document on the future of Deep Packet Inspection and the attacks in Egypt, Mexico and India.
Last but not least: this two weeks also offered a giant attack to the famous Social Platform Tumblr and also the warning of the Switzerland’s national security agency (NDB) that a huge amount of secrets may have been leaked by a disgruntled IT Administrator.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.
16-30 November 2012 Cyber Attacks Timeline
November has gone and it’s time to review this month’s cyber landscape.
From a Cyber Crime perspective, November 2012 will be probably remembered for the breach to Nationwide, one of the largest insurance and financial services providers in the US, a breach that has potentially left up to 1 million users exposed. Unfortunately, in terms of massive breaches, this is not the only remarkable event of the month, just at the end Acer India has suffered a massive cyber attack culminated in the leak of nearly 15,000 records. Not comparable with the breach that affected Nationwide, but for sure of big impact.
Also on the cyber-espionage front this month has been interesting: JAXA, the Japan Space agency has been targeted by yet another targeted attack (after January 2012) and Symantec has discovered W32.Narilam, a new destructive malware targeting several nations in Middle East.
The hacktivist front has been characterized by the dramatic events in Gaza, the attacks have reached a peak around the first half of the month (as in the first part, I did not take into consideration the attacks carried on in name of OpIsrael for which I wrote a dedicated timeline), in any case the Anonymous have found another way to mark this month, leaking 1 Gb of documents from the Syrian Ministry of Foreign Affairs.
Last but not least, this month has seen three large-scale DNS Poisoning attacks (against the Pakistani Registrar PKNIC, Inc., GoDaddy, and the Romanian Registrar). A very rare occurrence!
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- 1-15 November 2012 Cyber Attacks Statistics (hackmageddon.com)
- Timeline of Opisrael (hackmageddon.com)
Timeline of Opisrael
After the ceasefire of the 21st of November, the cyber attacks against Israel, executed in name of OpIsrael, have come to a break.
The contemporaneous ceasefire in the real world and in the cyber space has confirmed the two dimensional nature of this conflict. A conflict in which even the social media played a crucial role: IDF chose Twitter to make the first official announcement of the airstrike that killed Ahmed Al-Jaabari, and subsequently during the stages of operation Pillar of Defence Twitter has been intensively used by the two opposite factions for actions of propaganda, psyops, and even to divulge official news of the war operations.
Since the Ion Cannons are not shooting, this is the best moment to analyze the cyber attacks. At this purpose, in the following table I tried to summarize the timeline of the main events that have characterized this operation (and in general all the cyber attacks executed against Israel since the 14th of November).
Of course I do not pretend to be exhaustive: more than 44 million of cyber attacks in a week are impossible to enumerate singularly.
1-15 November 2012 Cyber Attacks Statistics
This November 2012 seems really to be endless from an Information Security Perspective. We have assisted so far to a remarkable number of Cyber Attacks.
As usual is it time to provide the partial snapshot of November taken from the corresponding Cyber Attack Timeline and covering the first half of the month. Please notice that the stats below do not include the following events:
- The massive leak of Team Ghostshell for ProjectBlackStar (2.5 million accounts leaked from different targets in Russia);
- The Cyber Attacks executed by the Anonymous and the other affiliated collectives for OpIsrael.
The above attacks have been executed on a much wider scale so counting the singe events would be senseless. Anyway other Sites have done an excellent Job for the aggregated stats of those attacks, see for instance OZDC.net for Project Black Star, and OpIsrael.
With this in mind let us proceed to examine the Daily Trend Of Attacks. Please notice the peak of November 5 (no need to comment it!):
Of course the Motivations Chart reflects this trend with the 60% of the attacks considered in my sample led by hackitivism. Apparently no different motivations than Hacktivism and Cyber Crime have been observed in this period.
I use not to take into considerations defacements, but this time their impact on the past two weeks has been very high. This is clearly shown in the Techniques Chart, where they rank at the first place, together with SQL Injection, with the 33% of occurrences:
As usual, the Target chart shows that Governmental targets rank at number one, immediately followed by targets belonging to Industry. Please notice the peak of Torrent Sites. This is due to the waves of DDoS Attacks carried on by Zeiko Anonymous, only because he has not been able to obtain an invite to a close torrent forum. Nothing to add: the reasons for hacking may range from Cyberwar to “simple” whims.
Please, as usual, take the sample very carefully since it refers only to discovered attacks (the so-called tip of the iceberg), and hence does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- October 2012 Cyber Attacks Statistics (hackmageddon.com)
1-15 November 2012 Cyber Attacks Timeline
The first half of November 2012 has been undoubtedly characterized by Hacktivism. Not only the month has begun with the ProjectBlackStar by the infamous Team Ghostshell (2.5 million accounts leaked belonging to different Russian sectors), but also the long-awaited November 5 has brought an unprecedented wave of Cyber Attacks against organizations all over the world, including Symantec and the UK Ministry Of Defence (more than 3,000 accounts leaked in both cases).
Moreover, after the dramatic event of the 14th of November (the killing of Ahmed Al-Jaabari, the commander of the military wing of Hamas by an Israeli missile and the consequent Operation “Pillar Of Defense”), the Anonymous have started a massive campaign of Cyber Attacks against Israel sites and in support of Palestine. This campaign is still ongoing even if it is really impossible to track all the attacks (nearly 700 defaced web sites so far), and hence, as far as possible, only a general overview is provided.
Of course these events have shadowed the other attacks, including the ones to LG (3,300 accounts leaked in two different cyber attacks) and Adobe (150,000 records allegedly compromised).
The chronicles also report of an alleged cyber attack against Telecom Italia (30,000 accounts allegedly leaked), even if there several doubts about the real authenticity of this attack.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
OpIsrael Confirms the Cyber-space is the Fifth Domain of War
The Israeli Cyber Space is under attack by Anonymous hackers in retaliation for the Israeli operation “Pillar of Defence“. The military operation began on Wednesday with the killing of Ahmed Al-Jaabari, the commander of the military wing of Hamas, whose car has been hit by an Israeli Missile
If Hamas’s armed wing, immediately after the attack, replied that “The occupation has opened the gates of hell”, the ongoing wave of cyber-attacks against Israeli sites initiated by the Anonymous collective (under the so-called OpIsrael), has analogously opened the gates of hell in the cyber-space.
So far the Anonymous claim that more than 660 websites have been defaced and nearly 90 completely deleted (including the Bank Of Jerusalem), and the list keeps on growing as the cyber-offensive continues (just follow the #OpIsrael hashtag on Twitter). Israel is suffering a growing number of DDoS and SQLi attacks against governmental, retail, and business targets resulting in sites down, data dump and, in the worst cases, databases completely erased. Interestingly, this wave of cyber-attacks has also deserved the attention of the “semi-official” Iranian news agency Fars News, which has dedicated an article to the Anonymous Hacks.
In the past four days, Israel claims to have deflected 44 million cyber-attacks.
Definitely the cyber-space is the fifth domain of war and this sad circumstance is confirming this assertion, not so much for the cyber-attacks (Anonymous cannot be considered an army), but mostly for other aspects typical of real wars that has been applied to the cyber-space.
In response to the Israeli threat to cut Internet off from Gaza, the Anonymous have put together the Anonymous Gaza Care Package a kind of first-aid kit containing instructions in Arabic and English to survive an Internet teardown and to evade IDF surveillance.
On the opposite side, the Israeli Defence Force has released a tool on its blog, called IDF Ranks, that rewards with badges frequent visitors who interact with the site. The scope, according to IDF, is “to help fight the misinformation about Israel and the IDF online”. A clear attempt to use the cyber-space for propaganda.
October 2012 Cyber Attacks Timeline
Click here for the first part covering the Cyber Attacks from 1 to 15 October 2012.
Here is the timeline for the main Cyber Attacks in October 2012. A month that has been characterized by hacktivism and also by several remarkable cyber crime operations.
For sure the next days will be hard for taxpayers of South Carolina, whose Department of Revenue has been targeted by foreign hackers able to access records of 3.6 million of individuals. But hard days are going to come also for banks: not only the trail of DDoS attack against U.S. Banks has continued even in the second half of the month (although different groups took credit for them), but also, on the cyber crime front, Citigroup has lost 1 million of bucks because of a loophole exploited by a ring of 13 individuals. Different motivations, same lesson: bank security needs a dramatic improvement.
Moving to hactkivism, nothing new under the sun. The pale sun of October has enlightened several operations targeting governments (Greece and Italy above all, to reflect the delicate situation of these two countries) and organization all over the world…
As usual after the jump you will find all the references.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Read more…
Anonymous leaks 3500 Private Docs From Italian Police
On the wake of similar operations carried on by Hacktivists against Law Enforcement Agencies all over the World, the Italian Cell of the infamous collective Anonymous has decided to cross the line targeting the Italian Police with a clamorous Cyber Attack under the label of #Antisec movement.
On October, the 23rd, the Hactkivists have leaked more than 3500 private documents, claiming to own an additional huge amount of sensitive information such as lawful interception schemes, private files and e-mail accounts.
The Italian Police has indirectly confirmed the attack, downplaying its effects with a scant statement (in Italian) that (easily predictable) has raised a furious reaction by the Hacktivists. According to the above mentioned statement, no server was compromised, but the leaked data were just the consequence of several “illegitimate accesses” to private emails belonging to police officers (as to say that several compromised accounts are less severe than a hacked server).
Strictly speaking, this latest attack is not a surprise since in the past months, mainly after the infamous 50 days of Lulz of the LulzSec collective, Governments and Law Enforcement Agencies all over the world have become the preferred targets for Hacktivists under the Antisec shield. From a broader perspective this trend was apparently decreasing during 2012 because of several factors: the discovery of the double identity of Sabu (an hacktivist during the day and an FBI informant during the night), the arrest of W0rmer and ItsKahuna (two members of the CabinCr3w collective who left behind them a long trail of cyber-attacks against law enforcement agencies, and, last but not least, the arrest of the members of the Team Poison Collective.
Unfortunately This cyber-attack changes the rules and brings the things back in time to Summer 2011. It looks similar to LulzSec’s Operation Chinga La Migra, targeting Arizona Border Patrol, and to another (nearly contemporary) cyber attack that allowed LulzSecBrasil (??) to leak 8 Gb of data from the Brazilian Police.
Hopefully this cyber-attack will change the rules in Italy, it has dramatically demonstrated the real risk for public institutions and the need for a greater level of security. As a consequence it cannot be absolutely underestimated.
1-15 October 2012 Cyber Attacks Timeline
Apparently October has shown a decrease in the number of Cyber Attacks. At least from a mere numerical perspective. It is not a coincidence that I used the term “Apparently” since if we consider the most important event of the month: the massive leak from Worldwide universities executed by Team GhostShell inside their ProjectWestWind operation, things are well different.
The one carried on by Team Ghost Shell (approximately 120k accounts leaked) is for sure the most important operation of the current month which has also shown the first virtual hacking operation (at least as far as I remember): the massive death of avatars inside World of Warcraft.
Other remarkable events in the first half of October concern the attack to Playspan (possibly millions of users affected), the new waves of DDoS cyber attacks against US banks, and an alleged hijacking to the Irish domains of Google and Yahoo!.
It worth to mention also the breach of University of Georgia (8,500 users affected) and the 400,000 bucks stolen by unknown hackers to the City of Burlington.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
16-30 September 2012 Cyber Attacks Timeline
Part One with 1-15 September 201 Timeline Here.
September is over and it’s time to analyze this month from an Information Security perspective with the second part of the Cyber Attack Timeline.
Probably this month will be remembered for the massive outage of six U.S. Banks (Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC ) caused by a wave of DDoS attack carried on by alleged Muslim hackers in retaliation for the infamous movie (maybe this term is exaggerated) “The Innocence of Muslims”.
China has confirmed its intense activity inside the Cyber space. Alleged (state-sponsored?) Chinese hackers were allegedly behind the attack to Telvent, whose project files of its core product OASyS SCADA were stolen after a breach, and also behind a thwarted spear-phishing cyber attack against the White House.
Adobe suffered a high-profile breach which caused a build server to be compromised with the consequent theft of a certificate key used to sign two malware strains found on the wild (with the consequent necessary revoke of the compromised key affecting approximately 1,100 files).
Last but not least, the Hacktivism fever has apparently dropped. September has offered some attacks on the wake of the #OpFreeAssange campaign, and a new wave of attacks at the end of the month after the global protests set for September, the 29th, under the hashtag of #29s.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
About The Author
Support My Work!
Share:
News
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
Visitors from…
