About these ads

Archive

Posts Tagged ‘August’

August 2014 Cyber Attacks Statistics

September 8, 2014 1 comment

It’s time to aggregate the stats of the August Cyber Attacks Timelines (Part I and Part II).

As usual, let us start from the Daily Trend of Attacks, which shows quite a heterogeneous trend with two peaks around the 18 and 21 August. Despite the summer, the overall level of attacks has been quite high throughout the month.

Daily Trends of Attacks August 2014

The Motivations Behind Attacks chart confirms Cyber Crime at number one, substantially in line with the previous month (56.3%). Hacktivism ranks at number two with 28.2% (was 23% in July), while the Cyber Espionage operations keep on occupying an important role. Even if the  reported 14.1% shows a decrease compared with the 18% of July, the value is similarly noticeable. A sign that the influence of targeted attacks in the news is still strong (in wake of the multiple attacks caused by financial malware).

Motivations Behind Attacks 2014

The Distribution Of Attack Techniques reveals an unprecedented 18.2% of targeted attacks, allowing this category to attain a deserved first place (shared with the category of unknown attacks). Defacement is immediately after (15.2%), while the other categories are further behind. It is also interesting to notice the decrease of DDoS and SQLi.

Attack Techniques August 2014

Governmental targets are back on top of the Distribution of Targets Chart with 29.6%, slightly ahead of industrial targets at number two with 28.2%. The others are well behind, with the partial exception of attacks towards single individuals (11.3%), nearly as much as twice of those against news and education targets (5.6%).

Distribution of Targets August 2014

A deeper look at the distribution of the industrial targets, shows a predominance of E-Commerce sites (20%, again an effect of the financial malware outbreak) and Restaurants (15%). The others follow with less than 10%. On the other hand, there is not so much to mention for organizations, few cases, mostly concerning non-profits.

Industry Drill Down August 2014Organizations Drill Down August 2014

Once again, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

1-15 August 2014 Cyber Attacks Timeline

August 19, 2014 Leave a comment

This month of August will be probably remembered for the massive cache of 1.2 million of password scooped up by the Russian gang Cyber Vor, undoubtedly the most important event that overshadowed all the other activity recorded in these dog days.

Besides this remarkable fact, the Cyber Crime chronicles report, among others, an unprecedented attack technique, aimed to hijack ISP traffic to steal bitcoins, the breach to SuperValu, and the compromising of 60,000 staffers who participated in Tennessee health screening program.

Cyber Espionage is still in the spotlight, with the breach to USIS (United States Investigation Services), the discovery of the Turla campaign, and also of a similar campaign targeted specifically to Ukraine.

Turning the attention to hacktivism: Ukraine, Israel and the US (following the events of St. Louis) have been the hottest frontlines, even if the most important event is perhaps the attack against Gamma International, the company behind of the infamous FinFinsher spyware.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 August 2014 Cyber Attacks Timeline Read more…

August 2013 Cyber Attacks Statistics

September 7, 2013 Leave a comment

It’s time for the statistics derived from the Cyber Attacks Timelines of August (Part I and Part II).

As usual, it is important to point out that I cannot provide a comprehensive picture since I only take into consideration those events that, in my opinion, deserve to be taken into consideration. Nevertheless I believe this data can be useful to understand what’s going on.

Before starting, please let me thank @piz69 who gave me very useful suggestions to sort the data. I am not a big fan of Excel (and hence of its Pivot Tables), but I must confess they are very useful!

Let us begin with the Daily Trend of Attacks chart. The chart is dominated by the peak around the August, the 15th. A clear consequence of the mutual attacks between India and Pakistan in conjunction with their respective Independence Days.

August 2013 Daily Trend

US and UK confirm their top rank in the Country Distribution chart, with India that overtakes Pakistan, pushing it out of the podium. For sure the US are a willing prey for Cyber Criminals, but is also necessary to consider the influence of the Security Breach Notification Law, which grants a higher transparency. I wonder if EU countries will climb the rankings once the new Data Breach Notification Law will fully come into effect.

August 2013 Countries

Just like the previous month, Cyber Crime leads the Motivation Behind Attacks chart with approximately half of the attacks recorded. Hacktivism is stable at 35% while the growth of Cyber Warfare is related (once again) to the cyber skirmishes between India and Pakistan.

August 2013 Motivations

Apparently is getting harder and harder to track the real technique used to carry on the attacks (apparently nearly for one attack on four this was not possible). However, DDoS in on the spot again and leads the Distribution Of Attack Techniques chart for the known cases. The Syrian Electronic Army traced the line, so the influence of Account Hijacking is becoming more and more evident month after month. Instead the fall of SQLi keeps on. Apparently this technique is constantly loosing points (but I wonder how many of the “unknowns” were effectively related to SQLi.

August 2013 Techniques

And just for a change, once again, Governmental targets lead the Distribution of Target chart with nearly 26%. Industry ranks at number two, while single individuals (victims essentially of account hijackings) rank at number three.  It is interestig to notice, among the organizations victims of Cyber Attacks, the predominance of targets related to Political Parties, a consequence of the social protests exploding all over the world in these troubled days.

August 2013 Targets

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

 

16-31 August 2013 Cyber Attacks Timeline

September 2, 2013 Leave a comment

August is gone (and unfortunately the Summer is also reaching the end), so it is time to analyze what happened in the Cyber Space during the second half of this month.

Apparently the hacktivism has been the most influencing factor of the last two weeks on the wake of the sad events happening in Syria, which also influenced the Cyber Space from both sides (loyalists represented by the Syrian Electronic Army and rebels represented by the Anonymous). Other events influencing the landscape include the protests in Turkey, Colombia, Gabon and (marginally) Egypt, which also had some echoes in the Cyber Space.

On the Cyber Crime front the chronicles report the breaches against the RPG League of Legends (million of users theoretically at risk), the Estate Agent Foxtons (10,000 records allegedly compromised) and Pizza Hut Spain and Malta (7,000 records leaked) and a controversial attack to Twitter (nearly 18,000 accounts leaked purportedly belonging to Turkish users).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 August 2013 Cyber Attacks Timeline

Read more…

Timeline of Cyber Attacks in Conjunction with the Pakistan and India Independence Days

August 22, 2013 Leave a comment

As I previously mentioned in the 1-15 August Cyber Attack Timeline, I decided to build a dedicated timeline for the Cyber Attacks between India an Pakistan happened during the month of August as they reached an unusual peak in conjunction with the occurrence of the Independence Days in Pakistan (14 August), and India (15 August).

Actually the relationships between the two countries are not what I would define idyllic, and to confirm this scenario, a huge cyber espionage operation against BSNL the Indian state-owned Telco company, has recently surfaced. In any case, easily predictable, hackers of both sides contributed to add further fuel to the fire with an unusual peak of attacks concentrated around the dates of the Independence Days. These attacks have not the sophistication typical of state-sponsored operations, since are mainly “limited” to defacements (so the damage is more symbolic than practical). However, in several cases the targets are of very high profile (as in the case of the Facebook pages of the Pakistan Army).

A short (probably non-exhaustive) summary follows:

India Pakistan TL

Also notice that during the same Period Pakistan was targeted by an unprecedented wave of Cyber Attacks by Afghan Hackers.

Pakistan Afghanistan

This is indeed quite curious since the attacks came nearly in contemporary of the first football match between the two countries in Kabul after 36 years (and the first home match of the Afghanistan national team after 10 years). For the chronicle, in the real world, Afghanistan’s footballers have won 3-0 over Pakistan.

Read more…

1-15 August 2013 Cyber Attacks Timeline

August 19, 2013 Leave a comment

The first half of August has gone, so it is time for the Cyber Attacks Timeline summarizing the main events occurred in this period.

Looks like the massive breaches have decided to have a break during August. Although the first fifteen days have shown a remarkable number of attacks, no huge leaks have been recorded.

The only exception is the latest attack to the United States Department of Energy (14,000 individuals potentially affected) and the one targeting the Ferris State University with nearly 60,000 records potentially affected.

Other remarkable events include the attacks against Opscode and Crytek. In this latter case four websites have been temporarily taken down.

Last but not least, the Syrian Electronic Army is back in action, and its wave of Social Engineering attack has directly and indirectly hit many primary targets such as Channel 4 and the New York Post (via the hack to the SocialFlow platform).

Important: this period has also seen an high cyber activity between India and Pakistan. The attacks deserve a dedicated timeline to be published very soon. So they will not appear in this timeline.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 August 2013 Cyber Attacks Timeline Addendum Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

August 2012 Cyber Attacks Statistics

September 7, 2012 4 comments

It’s time for the stats related to the Cyber Attacks Timeline of August. I do not remember a month so characterized by Hacktivism like this! The reason is mainly due to the actions motivated by the so-called OpFreeAssange, the waves of cyber attacks in favor of Julian Assange and, most of all in the first part of the month, to the OpDemonoid, the attacks targeting Ukrainan sites after the shutdown of the famous torrent tracker.

Let us begin with the Motivations Behind Attacks Chart. More than one half of the attacks of my sample (58%) were motivated by hacktivism, in line with the data of July (when the value was 55%). Cyber Crime motivated attacks rank at number two, with the 36% of occurrences, even in this case a value substantially in line with the previous month when it was at 31%. Cyber Espionage and Cyber Crime are well behind with the 3% respectively.

Moving forward to the chart regarding the Distribution Of Attack Techniques, there is a predominance of SQLi, which confirms to be the preferred weapon for Hacktivists or Cyber Criminals. DDoS (real or claimed) counts for nearly one third of the occurrence (32,4% real plus a further 2,9% claimed). Of Course, keep always in mind that data refer only to my sample and do not take into account all the defacements (make a jump to Zone-H and you will realize that is simply impossible) unless they are particularly meaningful.

Last but not least, the Distribution Of Targets chart clearly reflects the predominance of hacktivism in this month. In fact target belonging to governments rank at number one with the 19% of occurrences. Industries and organizations are immediately behind with respectively the 16.2% and the 15.2%. Inside industry, technology has been the most targeted sector, this is mainly due to the (controversial) Philips hack, but also to other remarkable cyber attacks such as AMD and AVX Corporation.

Of course, as usual, data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period. Moreover, remember that the most dangerous threats are the invisible ones.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated). Also have a look at the 2012 Cyber Attacks Statistics and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,091 other followers