Archive

Posts Tagged ‘Barack Obama’

1-15 February 2015 Cyber Attacks Timeline

February 17, 2015 Leave a comment

I was delivering to Anthem the very unwelcome prize for the first massive breach of 2015, when the Operation Carbanak has brought an unexpected tail to this first half of February.

These two events have undoubtedly characterized this timeline and overshadowed all the others: on one hand, a massive cyber attack (allegedly carried on by Chinese hackers) targeting one of the largest US ensurers, able to scoop up 80 million records. On the other hand, a sophisticated long lasting campaign, stealing more than $300 million on 100 banks in 30 nations.

It is very hard to choose which one deserves the (not so) coveted prize, in any case a consideration is worth: there could not have been a worst way to begin this 2015 Infosec year.

Moving on along the timeline, other interesting events appear, such as the compromising of the Forbes web site (again Flash is on the spot) by a Chinese APT Group dubbed Codoso, a “mobile tail” of the Operation Pawn Storm, now spreading to iOS devices, and eventually an unprecedented campaign targeting Syrian rebels using a combination of fake social media and Skype accounts associated with fictional female characters.

In background, as usual, multiple events driven by hacktivism, whose most remarkable one is undoubtedly the massive campaign carried on by the Anonymous collective, aimed to erase hundreds of pro-ISIS accounts and profiles from the Cyber Space (in particular from Facebook and Twitter).

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Feb 2015 Cyber Attacks Timeline Read more…

16-31 October 2013 Cyber Attacks Timeline

November 12, 2013 2 comments

And here we are we the second part of the October 2013 Cyber Attacks Timeline (first part here).

It’s interesting to notice how sophisticated cyber attacks are characterizing the final part of this 2013. The second timeline of October reports at least three remarkable cases: Belgacom (once again), the Finland’s Foreign Ministry and a wave of spear phishing against several targets belonging to Israeli Industries in the defense and security sector

Other noticeable events include the compromising of some servers belonging to php.net, the breach to the online database MongoHQ, and also a breach involving NeoGaf, a popular video games forum, targeting potentially 114,000 users.

The latter is the only remarkable breach (at least from a numerical perspective) of this second half of October, in the same period in which new revelations indicate that the number of victims of the infamous Adobe breach occurred in the first part of this month appears 12 times greater than initially estimated (38M users).

For the rest, the summary of the month is closed by the usual background of hacktivism, a growing phenomenon that is showing multiple different “flavors” and hence is no more characterized by the only infamous Anonymous collective.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 October 2013 Cyber Attacks Timeline Read more…

1-15 June 2013 Cyber Attacks Timeline

Here it is the first part of the June 2013 Cyber Attacks timeline covering the first half of the month.

This period has been characterized by the protests in Turkey, that, easy predictable, have also influenced the cyber landscape. Many attacks (in several cases even with noticeable impact) have been carried on in name of OpTurkey.

Other noticeable facts include the attacks against the European Police College (14,000 records affected), the Bangladeshi Air Force recruitment website (110,000 credentials affected), and, most of all, against the Danish Police which affected the country’s driver’s license database, social security database, the shared IT system across the Schengen zone, and the e-mail accounts and passwords of 10,000 police officers and tax officials.

Last but not least, the first two weeks of June has brought us yet another high profile cyber-espionage operation, dubbed NetTraveler.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2013 Cyber Atacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The 2010 Olympic Games

Two months again and the World will assist to the 2012 London Olympic Games. Unfortunately the same is not true for Information Security Professional for which the Olympic Games have started approximately two years ago in Iran, more exactly during the summer of 2010 when the infamous malware Stuxnet (the first 21st Century Cyber Weapon) became public, unleashing its viral power to the entire World.

Apparently Olympic Games have nothing to deal with Stuxnet… Only apparently since “Olympic Games” is just supposed to be the code-name of the cyber operation,  begun under the Bush administration and accelerated by Mr. Obama, aimed to build the first Cyberweapon targeting the Iranian Nuclear Facilities. This is in few words the genesis of Stuxnet, at least according to a controversial article published by The New York Times, which anticipates a book on the same argument by David E. Sanger (Confront and Conceal, Obama’s Secret Wars and Surprising Use of American Power), and which is generating a comprehensible turmoil.

Of course many words have been spent on the argument and probably (too) many will be spent as Stuxnet has not proven to be an isolated case. Moreover (is this a coincidence?) these revelations of the NYT came out in the aftermath of the discovery of the Flame Malware which is further fueling the tension in Middle East and, if officially confirmed, could set a potentially dangerous precedent for other countries looking to develop or expand their own clandestine cyber operations.

I think I cannot give any useful contribution to the debate, if not a humble suggestion to read this interesting interview to F-Secure CRO Mykko Hypponen who explains the reason antivirus companies like his failed to catch Flame and Stuxnet… If really the alleged NYT revelations will encourage other countries to enhance their cyber arsenal, there is much to be worried about, even because the 21st century cyber weapons have shown, so far, a clear attitude to escape from the control of their creators.

December 2011 Cyber Attacks Timeline (Part I)

December 21, 2011 Leave a comment

As usual, here it is my compilation of December Cyber Attacks.

It looks like that Christmas approaching is not stopping hackers who targeted a growing number of  organizations including several security firms (Kaspersky, Nod 32 and Bitdefender) even if in secondary domains and with “simple” defacements.

Cyber chronicles report of Gemnet, another Certification Authority Breached in Holland (is the 12th security incident targeting CAs in 2011) and several massive data breaches targeting Finland (the fifth this year, affecting 16,000 users), online gambling (UB.com affecting 3.5 million of users),  Telco (Telstra, affecting 70,000 users), and gaming, after the well known attacks to Sony, Sega and Nintendo, with Square Enix, which suffered a huge attacks compromising 1,800,000 users (even if it looks like no personal data were affected).

Online Payment services were also targeted by Cybercrookers: a Visa East European processor has been hit by a security breach, but also four Romanian home made hackers have been arrested for a massive credit card fraud affecting 200 restaurants for a total of 80,000 customers who had their data stolen.

As usual, hacktivism was one of the main trends for this first half of the month, which started with a resounding hacking to a Web Server belonging to ACNUR (United Nations Refugees Agency) leaking more than 200 credentials including the one belonging to President Mr. Barack Obama.

But from a mere hactvism perspective, Elections in Russia have been the main trigger as they indirectly generated several cyber events: not only during the election day, in which three web sites (a watchdog and two independent news agencies) were taken down by DDoS attacks, but also in the immediately following days, when a botnet flooded Twitter with Pro Kremlin hashtags, and an independent forum was also taken down by a further DDoS attacks. A trail of events which set a very dangerous precent.

Besides the ACNUR Hack, the Anonymous were also in the spotlight (a quite common occurrence this year) with some sparse attacks targeting several governments including in particular Brazil, inside what is called #OpAmazonia.

Even if not confirmed, it looks like that Anonymous Finland might somehow be related to the above mentioned breach occurred in Finland.

Other interesting events occurred in the first two weeks of December: the 0-day vulnerability affecting Adobe products, immediately exploited by hackers to carry on tailored phishing campaigns and most of hall, a targeted attack to a contractor, Lockheed Martin, but also another occurrence of DNS Cache Poisoning targeting the Republic of Congo domains of Google, Microsoft, Samsung and others.

Last but not least, the controversial GPS Spoofing, which allegedly allowed Iran to capture a U.S. Drone, even the GPS Spoofing on its own does not completely solve the mistery of the capture.

Other victims of the month include Norwich Airport, Coca Cola, and another Law Enforcement Agency (clearusa.org), which is currently unaivalable.

As usual after the page break you find all the references.

Read more…

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Discover The Misplaced Detail

December 19, 2011 2 comments

It is time of huge dumps in Italy. Yesterday Cyberwarnews reported of 9000 accounts leaked from qualitapa.gov.it, a website linked to Italian Minister of Public Administration and Innovation. It is not the first time a similar occurrence happens in “Belpaese” (you will remember the Hot Summer with the controversial hack of CNAIPIC, The Italian Cyber Police and the subsequent hack of some contractors), for sure it is the first time such a huge number of accounts is dumped in Italy.

I would not prefer to comment, I only noticed in particular one account that looks familiar, extremely familiar and dangerously reminds the name (and the initial of the surname) of the former Minister of Justice. I hope it is only a coincidence… On the other hand if even the UN Account of The President Barack Obama is dumped, why should not it happen for the account of a former Italian Minister…

Internet In A Suitcase

June 13, 2011 2 comments

According to a NYT article, this is exactly what the Obama Administration is doing, leading a global effort to deploy a “shadow” Internet and an independent mobile phone network that dissidents can use against repressive governments that seek to silence them by censoring or shutting down telecommunications networks (as happened in Egypt and Syria).

More in detail the above mentioned effort include secretive projects to create independent cellphone networks inside foreign countries, as well as an “Internet in a suitcase” prototype, financed with a $2 million State Department grant, which could be secreted across a border and quickly set up to allow wireless communication over a wide area with a link to the global Internet. In a sort of 21st century version of Radio Free Europe relying on a version of “mesh network” technology, which can transform devices like cellphones or personal computers to create an invisible wireless web without a centralized hub

If one puts together the pieces of the puzzles of the last events, one clearly realizes that the ingredients were already on the pot and now are being mixed in the right dosage for a recipe of freedom.

On the other hand the importance of the Internet Connectivity (in terms of presence or absence) in War Zones is unquestionable. And this is brilliantly shown from the fact that we are getting more and more familiar with the shutting down of Internet connectivity as a clumsy attempt carried out by some governments for preventing the spreading of unwelcome information and the consequent use of Social Networks for propaganda, PsyOps or real War Operations. Of course I already talked about special groups of US Army, which I dubbed “Corps of (Networks and Security) Engineers” dedicated to maintain Internet connectivity in war zones by mean of 3G or Wi-Fi drones. It looks like I was only partially right since the reality seems much closer to a spy novel featuring special agents equipped with Internet suitcases rather than soulless drones equipped with antennas.

Same speech for mobile technologies: United States officials said, the State Department and Pentagon have spent at least $50 million to create an independent cellphone network in Afghanistan using towers on protected military bases inside the country in order to offset the Taliban’s ability to shut down the official Afghan services. More recently, a similar action was performed in Libya, with the hijacking of the Libyana Mobile Operator Network to be used by rebels groups to communicate between them. Clearly these were not episodic cases but the first examples of a real mobile warfare strategy aimed to maintain mobile connectivity (videos shot with mobile phones are a point in common of all the protests in Maghreb and Middle East) without clumsy actions such as the smuggling of Satellite Phones in Syria.

In light of these facts, Mr. Obama’s speech on the Middle East on May, the 19th assumes a new meaning and a deeper analysis shows that some prodromes of this strategy were already announced, even if in a hidden form:

Cell phones and social networks allow young people to connect and organize like never before. A new generation has emerged. And their voices tell us that change cannot be denied…

And again:

In fact, real reform will not come at the ballot box alone. Through our efforts we must support those basic rights to speak your mind and access information. We will support open access to the Internet.

Open support to Internet… Even if closed inside a suitcase…

Follow

Get every new post delivered to your Inbox.

Join 3,686 other followers