Archive

Posts Tagged ‘April’

16-30 April 2015 Cyber Attacks Timeline

It’ s time to publish the timeline with the main cyber attacks occurred in April 2015 (Part I here).

Despite the number of attacks has shown a decreasing trend, this second part of April will be probably remembered for the Cyber Espionage campaigns, which, in a couple of cases, have successfully hit the White House, a coveted target for Russian hackers. Other remarkable events in this space include the return of APT 28 (Operation Russian Doll) and an operation carried on by Arabic-speaking attackers, targeting Israeli military networks.

The cyber crime landscape was dominated by the international scam against Ryanair, hit by a fraudulent electronic transaction costing $5 million. Tesla was also the target of an account hijacking, an attack maybe more important from a symbolic point of view rather than for the real effect.

Moving to hacktivism, the chronicles do not report particularly meaningful events. A couple of actions carried on by the Anonymous (against sites related with animal abuse, and against an Israeli weapon accessories manufacturer) and several few other events of minor importance.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 Apr 2015 Cyber Attacks Timeline Read more…

16-30 April 2014 Cyber Attacks Timeline

It’s time for the report of the cyber activity in April. As usual this post summarizes the main events between 16 and 30 April, whereas the first part covering the attacks between 1 and 15 April 2014 can be found here (ok, actually there’s one attack I had to include in this timeline, dated 10 April).

Apparently this second half has shown a decreasing trend (who knows, maybe the Easter has brought good intentions), nonetheless there have been some noticeable events such as the breach to AOL Mail affecting potentially 50 million users, the breach to Eircom and the interesting trend of attacks against educational institutions (Universities of Virginia, Iowa, North Carolina Wilmington).

In this general decreasing trend, even the attacks motivated by hacktivism have shown a consistent reduction in volume and impact (the Syrian Electronic Army has admitted to be in vacation).

Nothing else of particularly significant to mention but the continual cyber skirmishes between India and Pakistan. Although interesting from an analytic  perspective, the attacks were ‘limited’ to defacements, and hence the overall impact was modest.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 Apr 2014 Cyber Attacks Timelines Read more…

1-15 April 2014 Cyber Attacks Timeline

And here it is the timeline reporting the Cyber Attacks happened during the first half of April 2014, a month probably long remembered within the Infosec Chronicles for the discovery of the terrible Heartbleed bug (two attacks have been recorded, so far, related to this devastating vulnerability).

Besides the infamous Heartbleed, the most important events of this timeline are related to Cyber Crime. Germany in particular had a bad surprise, with the discovery of a list of 18 million compromised e-mail accounts and passwords, affecting all major German Internet service providers. The list of the remarkable targets also includes Lacie, victim of a malware putting at risk the users who performed on-line purchases from the company web site, the Harley Medical Group (500,000 accounts potentially compromised) and, once again, South Korea where unknown hackers were able to steal the personal information of about 200,000 credit card users, racking up fraudulent charges of about $115,ooo.

The feared wave of cyber attacks against Israel, promised by several Anonymous affiliated hacktivists for the 7th of April, did not happen. The impact of the attacks was limited and in many cases several old leaks were ‘recycled’.

Last but not least, Germany’s Space Research Center in Cologne, was the victim of a targeted attack. Suspects point to China.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Apr 2014 Cyber Attacks Timelines Read more…

April 2013 Cyber Attacks Statistics

May 19, 2013 2 comments

As I do every month (unfortunately with a constantly growing delay, here are the statistics extracted from the cyber attacks timelines for April 2013.

As usual, let us begin with the Daily Trend Chart. The peak of April the 2nd seems to be quite an exception for a quiet month, showing a constant trend, except for the decrease towards the end.

Daily Trend April 2013

Similarly to March, the Motivations Behind Attacks Chart confirms the predominance, inside the sample, of the attacks motivated by hacktivism, leading the chart with 56% (was 50% during the previous month).

Motivations April 2013

And, again, similarly to March, DDoS leads the Distribution of Attack Techniques Chart with nearly 35%. SQLi ranks at number three with nearly the same value than the previous month (13.5%). It is worth to mention the rise of the cases of account hijacking, on the rise of the attacks carried on by the Syrian Electronic Army.

Techniques April 2013

Again, the wave of DDoS attacks affects the Distribution Of Targets Chart, lead by Financial Targets with 32%, twice as much as the industrial sector, ranking at the second place with nearly 15%. Apparently the attention against the governmental targets is decreasing, as a result, they rank at number three with 10.7%.

Targets April 2013

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 April 2013 Cyber Attacks Timeline

Here’s the second part of the April cyber attacks Timeline (Part I at this link)

The most remarkable event of this period has certainly been the breach suffered by Living Social potentially exposing 50 million customers of the e-commerce website. Other illustrious victims of the month include the mobile operator DoCoMo and the online reputation firm Reputation.com.

The wake of DDoS attacks has continued even in the second part of the month: once again several U.S. banks have fallen under the blows of the Izz ad-din al-Qassam Cyber Fighters.

Like in the first  half of the month, following a consolidating trend in this 2013, the Syrian Electronic Army has continued his wave of attacks against Twitter accounts (even the FIFA has been targeted). In one case, the hijacking of the Twitter account of Associated Press, the bogus tweets related to an alleged attack against the White House, the effect has crossed the boundaries of the cyber space (the Dow Jones Industrial Average fell 150 points, or about 1 percent, immediately following the tweet).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

April 2013 Cyber Attacks Timeline Part II

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

April 2012 Cyber Attacks Statistics

I have aggregated the data collected related to cyber attacks occurred in April 2012 (that you may find in the links on the right) in order to provide a consolidated view for the month. The statistics have been taken according to three parameters: Motivations Behind Attacks, Distribution of Targets and Distribution of Attack Techniques. Of course the information does not pretend to be exhaustive, in any case it is useful to provide a snapshot on the cyber landscape of the last month.

As far as the Motivations Behind Attacks are concerned, Cyber Crime ranks undoubtedly at number one with the 51% of the occurrences. Hacktivism is at number two with “only” the 39% of the occurrences. Other motivations such as Cyber Warfare or Cyber Espionage are far behind with respectively the 7 and 2 percent. This is not a surprise since attacks motivated by Cyber Espionage should be supposed to be subtle and hidden and this explains their rank (unlike the attacks motivated by hacktivism that use to attract the greatest attention by media).

As far as the Distribution Of Targets is concerned, Governements keep on to be preferred targets, with nearly one third of the occurrences. Law Enforcement Agencies rank at number two with 9% immediately followed by Educational Institutions with 7%. Online Platforms such as Online Games or other kind of platforms (such as email services) are behind with the 6% of occurrences for both of them. Of course the high position for governments and LEAs is quite simple to explain: both categories are the preferred targets for hactkivists.

A month characterized by Distributed Denial of Service, at least according to the Distribution of Attack Techniques chart. SQL Injection ranks at number two, immediately followed by Defacement. If we sum up also the indirect occurrences of SQLi (that is those cases whose symptoms seem the ones proper of SQLi but no direct evidences were found) the distribution of the two techniques is nearly the same (respectively 29% for DDoS and 27% for SQLi). Of course DDoS is the preferedd cyber weapon for hacktivists and this explain its dominion on this unwelcomed chart.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Follow

Get every new post delivered to your Inbox.

Join 3,745 other followers