About these ads

Archive

Posts Tagged ‘August’

August 2013 Cyber Attacks Statistics

September 7, 2013 Leave a comment

It’s time for the statistics derived from the Cyber Attacks Timelines of August (Part I and Part II).

As usual, it is important to point out that I cannot provide a comprehensive picture since I only take into consideration those events that, in my opinion, deserve to be taken into consideration. Nevertheless I believe this data can be useful to understand what’s going on.

Before starting, please let me thank @piz69 who gave me very useful suggestions to sort the data. I am not a big fan of Excel (and hence of its Pivot Tables), but I must confess they are very useful!

Let us begin with the Daily Trend of Attacks chart. The chart is dominated by the peak around the August, the 15th. A clear consequence of the mutual attacks between India and Pakistan in conjunction with their respective Independence Days.

August 2013 Daily Trend

US and UK confirm their top rank in the Country Distribution chart, with India that overtakes Pakistan, pushing it out of the podium. For sure the US are a willing prey for Cyber Criminals, but is also necessary to consider the influence of the Security Breach Notification Law, which grants a higher transparency. I wonder if EU countries will climb the rankings once the new Data Breach Notification Law will fully come into effect.

August 2013 Countries

Just like the previous month, Cyber Crime leads the Motivation Behind Attacks chart with approximately half of the attacks recorded. Hacktivism is stable at 35% while the growth of Cyber Warfare is related (once again) to the cyber skirmishes between India and Pakistan.

August 2013 Motivations

Apparently is getting harder and harder to track the real technique used to carry on the attacks (apparently nearly for one attack on four this was not possible). However, DDoS in on the spot again and leads the Distribution Of Attack Techniques chart for the known cases. The Syrian Electronic Army traced the line, so the influence of Account Hijacking is becoming more and more evident month after month. Instead the fall of SQLi keeps on. Apparently this technique is constantly loosing points (but I wonder how many of the “unknowns” were effectively related to SQLi.

August 2013 Techniques

And just for a change, once again, Governmental targets lead the Distribution of Target chart with nearly 26%. Industry ranks at number two, while single individuals (victims essentially of account hijackings) rank at number three.  It is interestig to notice, among the organizations victims of Cyber Attacks, the predominance of targets related to Political Parties, a consequence of the social protests exploding all over the world in these troubled days.

August 2013 Targets

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

 

About these ads

16-31 August 2013 Cyber Attacks Timeline

September 2, 2013 Leave a comment

August is gone (and unfortunately the Summer is also reaching the end), so it is time to analyze what happened in the Cyber Space during the second half of this month.

Apparently the hacktivism has been the most influencing factor of the last two weeks on the wake of the sad events happening in Syria, which also influenced the Cyber Space from both sides (loyalists represented by the Syrian Electronic Army and rebels represented by the Anonymous). Other events influencing the landscape include the protests in Turkey, Colombia, Gabon and (marginally) Egypt, which also had some echoes in the Cyber Space.

On the Cyber Crime front the chronicles report the breaches against the RPG League of Legends (million of users theoretically at risk), the Estate Agent Foxtons (10,000 records allegedly compromised) and Pizza Hut Spain and Malta (7,000 records leaked) and a controversial attack to Twitter (nearly 18,000 accounts leaked purportedly belonging to Turkish users).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 August 2013 Cyber Attacks Timeline

Read more…

Timeline of Cyber Attacks in Conjunction with the Pakistan and India Independence Days

August 22, 2013 Leave a comment

As I previously mentioned in the 1-15 August Cyber Attack Timeline, I decided to build a dedicated timeline for the Cyber Attacks between India an Pakistan happened during the month of August as they reached an unusual peak in conjunction with the occurrence of the Independence Days in Pakistan (14 August), and India (15 August).

Actually the relationships between the two countries are not what I would define idyllic, and to confirm this scenario, a huge cyber espionage operation against BSNL the Indian state-owned Telco company, has recently surfaced. In any case, easily predictable, hackers of both sides contributed to add further fuel to the fire with an unusual peak of attacks concentrated around the dates of the Independence Days. These attacks have not the sophistication typical of state-sponsored operations, since are mainly “limited” to defacements (so the damage is more symbolic than practical). However, in several cases the targets are of very high profile (as in the case of the Facebook pages of the Pakistan Army).

A short (probably non-exhaustive) summary follows:

India Pakistan TL

Also notice that during the same Period Pakistan was targeted by an unprecedented wave of Cyber Attacks by Afghan Hackers.

Pakistan Afghanistan

This is indeed quite curious since the attacks came nearly in contemporary of the first football match between the two countries in Kabul after 36 years (and the first home match of the Afghanistan national team after 10 years). For the chronicle, in the real world, Afghanistan’s footballers have won 3-0 over Pakistan.

Read more…

1-15 August 2013 Cyber Attacks Timeline

August 19, 2013 Leave a comment

The first half of August has gone, so it is time for the Cyber Attacks Timeline summarizing the main events occurred in this period.

Looks like the massive breaches have decided to have a break during August. Although the first fifteen days have shown a remarkable number of attacks, no huge leaks have been recorded.

The only exception is the latest attack to the United States Department of Energy (14,000 individuals potentially affected) and the one targeting the Ferris State University with nearly 60,000 records potentially affected.

Other remarkable events include the attacks against Opscode and Crytek. In this latter case four websites have been temporarily taken down.

Last but not least, the Syrian Electronic Army is back in action, and its wave of Social Engineering attack has directly and indirectly hit many primary targets such as Channel 4 and the New York Post (via the hack to the SocialFlow platform).

Important: this period has also seen an high cyber activity between India and Pakistan. The attacks deserve a dedicated timeline to be published very soon. So they will not appear in this timeline.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 August 2013 Cyber Attacks Timeline Addendum Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

August 2012 Cyber Attacks Statistics

September 7, 2012 4 comments

It’s time for the stats related to the Cyber Attacks Timeline of August. I do not remember a month so characterized by Hacktivism like this! The reason is mainly due to the actions motivated by the so-called OpFreeAssange, the waves of cyber attacks in favor of Julian Assange and, most of all in the first part of the month, to the OpDemonoid, the attacks targeting Ukrainan sites after the shutdown of the famous torrent tracker.

Let us begin with the Motivations Behind Attacks Chart. More than one half of the attacks of my sample (58%) were motivated by hacktivism, in line with the data of July (when the value was 55%). Cyber Crime motivated attacks rank at number two, with the 36% of occurrences, even in this case a value substantially in line with the previous month when it was at 31%. Cyber Espionage and Cyber Crime are well behind with the 3% respectively.

Moving forward to the chart regarding the Distribution Of Attack Techniques, there is a predominance of SQLi, which confirms to be the preferred weapon for Hacktivists or Cyber Criminals. DDoS (real or claimed) counts for nearly one third of the occurrence (32,4% real plus a further 2,9% claimed). Of Course, keep always in mind that data refer only to my sample and do not take into account all the defacements (make a jump to Zone-H and you will realize that is simply impossible) unless they are particularly meaningful.

Last but not least, the Distribution Of Targets chart clearly reflects the predominance of hacktivism in this month. In fact target belonging to governments rank at number one with the 19% of occurrences. Industries and organizations are immediately behind with respectively the 16.2% and the 15.2%. Inside industry, technology has been the most targeted sector, this is mainly due to the (controversial) Philips hack, but also to other remarkable cyber attacks such as AMD and AVX Corporation.

Of course, as usual, data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period. Moreover, remember that the most dangerous threats are the invisible ones.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated). Also have a look at the 2012 Cyber Attacks Statistics and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16 – 31 August 2012 Cyber Attacks Timeline

September 5, 2012 Leave a comment

Here the first part with the timeline from 1 to 15 August 2012.

Here we are with the second part of the August 2012 Cyber Attacks Timeline. A second part of the month that has been characterized by hacktivism, most of all because of the so-called OperationFreeAssange, which has targeted many high-profile websites.

Among the targets of the month, Philips has been particularly “unlucky”. The Dutch giant has been the victim of three Cyber Attacks, even if there are several doubts about the authenticity of the hacks.

But maybe the biggest operation of the month is the #ProjectHellFire, carried on by the collective @TeamGhostShell, that has unleashed something as 1 million of accounts belonging to different sectors (banks, government agencies, consulting firms, law enforcement and the CIA). And the group promises new action for this Fall and Winter.

The Middle East confirms to be very hot, with a new Cyber Attack, probably another occurrence of Shamoon, targeting RasGas, yet another Oil Company.

Just one note: of course it is impossible to track all the targets of the #OpFreeAssange. You can find a complete list at cyberwarnews.info.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1 – 15 August Cyber Attacks Statistics

August 22, 2012 Leave a comment

First of all, let me begin with great news: The Cyber Attacks Statistics page is complete with all the data collected so far: I created and inserted even the charts for January, so I am currently covering (and will cover) the whole 2012.

Now, after this small “self-gratification” it is time to look at the statistics derived from the Cyber Attacks Timeline for the first half of August. You will soon discover that this month has seen an (un)expected revamping of Hacktivism and consequently of his preferred weapon (DDoS), and preferred targets (governments). This is a consequence of the so-called OpDemonoid carried on by the Anonymous collective against the takedown of the famous Torrent Tracker (which in many ways reminded the most famous OpMegaUpload). But this is also a consequence of OpAustralia, the operation (successful since the law proposal is in standby) against the new Australian Internet Surveillance Law.

As far as the Motivations Behind Attacks are concerned, Hacktivism ranked at number on with nearly the 50% of the events. Cyber Crime ranked at number two (43%) while as usual Cyber Espionage and Cyber Warfare are well behind (but I wonder how many targeted attacks are acting in this moment, silent and undetected). It is interesting to notice the rise of events motivated by Cyber Espionage (three inside the interval taken into consideration): the Gauss Cyber Attack, the campaign against Saudi Aramco and the attacks against the Nepalese Government.

The winds of hacktivism have a clear influence even in the Distribution Of Attack Techniques which shows a new entry (as it were) at number one. Yes, in the first half of August the DDoS has overtaken the SQLi with nearly one third of the occurrences (31.9%) against the 21.3 of the latter. Only for the 17% of the attacks it has not been possible to identify with certainty the attack technique leveraged.

Clearly the hacktivism also influenced the Distribution Of Targets: nearly one cyber attack on five (among the sample considered), corresponding to the 21%, hit government targets. Targets belonging to the industry sector and to the news sector ranked at number two, both of them with the 13% of the occurrences. Apparently the first half of August has been particularly awful for the News Sector, thanks most of all to Thomson Reuters, that has been hacked three times in two weeks.

Again, I will never get tired of repeating that data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 2,705 other followers