Posts Tagged ‘Bloomberg’

16-31 December Cyber Attacks Timeline

January 5, 2015

Although it still relates to December 2014, here is the first timeline for 2015, covering the main events that occurred between the 16th and 31st of December 2014 (first part here).

No doubt, this Christmas will be remembered for the unwelcome surprise of the DDoS attack performed by the infamous Lizard Squad against the online services of Sony and Microsoft. An attack that has shattered the dreams of many players, just a few minutes after unwrapping their brand new consoles under the Christmas Tree. However, the light that burns twice as bright burns half as long, and inevitably two members of the collective have allegedly been arrested (not before having attempted a Sybil Attack against Tor).

But the latter was not the only attack targeting the Tor anonymity service in this period, which also suffered an unexplained outage affecting a cluster of Tor Directory Authority Servers in a Rotterdam data center.

Other noticeable events concern the outage of the Internet connection in North Korea (although it is not completely clear whether it was caused by a cyber attack or a fault), malware detected in a South Korean power plant, the attacks targeting ICANN and the ISC Consortium, two of the most important organizations for the Internet, and (yet another) breach targeting NVIDIA.

Moving to a different topic, all in all the hacktivists decided to enjoy the Christmas vacations, with the exception of the Syrian Electronic Army, who were back and defaced an online magazine, the International Business Times, over an article against the Syrian regime.

Last but not least, with regard to Cyber Espionage, two operations were discovered in this period: an alleged attack perpetrated by Chinese hackers against an Afghan CDN, directly targeting many local governmental sites and indirectly many foreign institutions, and the discovery of the Anunak group, a well-organized crew able to steal USD $25 Million with a long-lasting cyber espionage operation against targets in Europe and the US.

If you want to get an idea of how fragile our electronic identity is in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).


A Strange Coincidence

February 2, 2013

After the revelation of the Chinese attack against the Gray Lady, other U.S. media companies have admitted to having been targeted by (probably state-sponsored) Chinese hackers in 2012. Immediately after the NYT, the Wall Street Journal also revealed that it had been infiltrated, and similar rumors have emerged for Bloomberg and the Washington Post in what appears to be a systematic hostile campaign.

In particular, the attack against the NYT has apparently confirmed the inadequacy of signature-based antivirus against targeted attacks. As the New York Times itself admitted, over the course of three months the foreign attackers installed 45 pieces of custom malware, but the antivirus in use, made by Symantec, was only able to detect one instance of malware over the entire sample.

The security firm immediately replied to those allegations:

“Advanced attacks like the ones the New York Times described … underscore how important it is for companies, countries and consumers to make sure they are using the full capability of security solutions. The advanced capabilities in our endpoint offerings, including our unique reputation-based technology and behaviour-based blocking, specifically target sophisticated attacks. Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security. Anti-virus software alone is not enough.”

In a few words: signatures alone are not enough. The sophistication of next-generation targeted attacks requires advanced security capabilities such as reputation and behavioral analysis.

According to the scant information available, the Washington Post also used Symantec technology to protect its assets, and in this case too it could not prevent the hostile attackers from systematically compromising computer systems.

I wonder if this double coincidence could somehow be connected to the infamous leak of Symantec antivirus source code which occurred (or better, was made public) approximately one year ago (the 6th of January 2012). As a consequence of the breach (that allegedly dates back to 2006), the source code of two old products (Symantec Antivirus Corporate Edition 10.2 and Symantec Endpoint Protection 11) was leaked on the Internet. Of course the affected products have been greatly modified since then; nevertheless it is likely that any core functions have not evolved, so in theory, hostile hackers could have taken a (detailed) look at them and have consequently found ways to evade the antivirus (some claim that a similar scenario happened for the infamous RSA breach).

Of course this is just speculation; maybe the reality is much simpler: traditional antivirus technologies are not enough to thwart sophisticated targeted attacks.

October 2012 Cyber Attacks Timeline

November 2, 2012

Click here for the first part covering the Cyber Attacks from 1 to 15 October 2012.

Here is the timeline for the main Cyber Attacks in October 2012. A month that has been characterized by hacktivism and also by several remarkable cyber crime operations.

For sure the next days will be hard for the taxpayers of South Carolina, whose Department of Revenue has been targeted by foreign hackers able to access the records of 3.6 million individuals. But hard days are coming for banks as well: not only has the trail of DDoS attacks against U.S. banks continued in the second half of the month (although different groups took credit for them), but also, on the cyber crime front, Citigroup has lost 1 million bucks because of a loophole exploited by a ring of 13 individuals. Different motivations, same lesson: bank security needs a dramatic improvement.

Moving to hacktivism, nothing new under the sun. The pale sun of October has illuminated several operations targeting governments (Greece and Italy above all, reflecting the delicate situation of these two countries) and organizations all over the world…

As usual after the jump you will find all the references.

If you want to get an idea of how fragile our data are in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Categories: Cyber Attacks Timeline, Security

July 2012 Cyber Attacks Timeline (Part II)

August 3, 2012

Click here for Part I.

The Dog Days are nearly here. Weather forecasts are announcing one of the hottest summers since 2003 for Italy, and the same can be said for the Infosec temperature, although July 2012 has been very different from the same month of 2011, which was deeply characterized by hacktivism.

Instead, it looks like hacktivists have partially left the scene in favor of cyber criminals, who executed several high-profile breaches in the second part of the month as well: Maplesoft, Gamigo, KT Corporation and Dropbox are the most remarkable victims of cyber-attacks, but other important firms, even if on different scales, have also been hit by (improvised) Cyber Criminals. One example for all? Nike, which suffered a loss of $80,000 at the hands of a 25-year-old improvised hacker, who decided that exploiting a web vulnerability was the best way to acquire professional merchandise.

But probably the prize for the most “peculiar” cyber-criminal is completely deserved by Catherine Venusto, who successfully changed her sons’ grades 110 times between 2011 and 2012.

As far as hacktivism is concerned, although we were not in the same condition as one year ago (a leak every day kept security away), this month has offered the massive leak of the Australian provider AAPT, with 40 GB of data allegedly stolen by Anonymous.

Last but not least, a special mention for the cyber espionage campaigns, which had an unprecedented growth in this month: Israel, Iran, Japan, the European Union and Canada are only a few of the victims. Iran also gained an unwelcome record, as the first nation to be hit by malware capable of blasting PC speakers with an AC/DC song…


Nokia and Microsoft: A Wedding on the Fly

February 11, 2011

And in the end the big day arrived: the fateful #feb11 has materialized, and on a quiet Friday in February Nokia and Microsoft announced the strategic alliance that had been rumored for some time. The alliance will place a heart of windows inside the metal body of Nokia handsets and will extend to the other products and services of the House of Microsoft: the Microsoft Bing search engine and the adCenter advertising services will be the entry points to the Web for Nokia handsets, while Nokia will bring as its dowry its established strength in imaging. Ovi Maps will be a central piece of Microsoft's geolocation services and will be integrated with Bing, while at the same time Ovi Store (Nokia's application market) will be absorbed and integrated into Microsoft's Marketplace. Xbox Live and Office will also be part of the game and integrated into future Nokia handsets. The joint hope is to destroy the other current mobile ecosystems and to win the coming challenges.

Nokia's CEO, Stephen Elop, wasted no time and sealed the union via the Blue Canary, returning to sender the avian tweet with which Vic Gundotra, Vice-President at Google, had dismissed the rumors of the presumed marriage, replying with a further tweet on an aerial theme:

@cheureux Or this: Two bicycle makers, from Dayton Ohio, one day decided to fly. #NokMsft#feb11

In which the most knowledgeable on the subject (including my dear friend and colleague David Cenciotti) will surely have recognized an elegant reference to the tale of the Wright Brothers, pioneering inventors of modern flight.

Between one tweet and the next, the guests at the wedding of the two giants will have to prepare for a funeral. The chronicle of a death foretold is that of Symbian which, predictably, will be sacrificed on the wedding altar of Redmond and Espoo. During today's conference, Stephen Elop and Nokia's Chief Financial Officer, Timo Ihamuotila (and anyone who knows CFOs knows that this is perhaps the most worrying aspect), in fact showed some telling slides in which, amid a crafty absence of dates, the slow but inexorable decline of Nokia's flagship operating system is highlighted.

Meanwhile, the Green Android keeps grinding out market share (the latest analysis, in which Android overtook Symbian, is the one from Canalys). Android's spread is so wide that RIM is considering a possible rapprochement aimed at ensuring compatibility of the Playbook, its in-house tablet, with the applications of the Android operating system. The latest rumor comes from Bloomberg, according to which RIM is developing in-house a Java virtual machine (available in the second half of 2011) in order to run the famous apk packages of the Google operating system.

One thing is certain: the Google Operating System is shaking up the market in the same way that the newlyweds Nokia and Microsoft hope to do. Let us just hope that the dive from Symbian's burning platform turns into the tale of the Wright brothers' flight and not into Jules Verne's famous novel “20,000 Leagues Under the Sea”.

