Archive

Posts Tagged ‘China’

1-15 May 2015 Cyber Attacks Timeline

It’s time for the first timeline of May, reporting the main cyber attacks occurred between 1 and 15 May 2015.

The Summer is at the gates, but apparently the nice weather is not stopping the attackers from their intentions: I have recorded 52 attacks, a dramatic turnaround in comparison with April, and a strong indication that the slowing trend of the past couple of months has suffered a sudden stop.

All the three main categories (Cyber Crime, Hacktivism and Cyber Espionage) have reported a surge in the number of attacks, and not only in terms of number.

Hacktivism has been characterized by the unwelcome return of the Syrian Electronic Army, who has hacked (again) the Washington Post, and by several operations carried on by the Anonymous collective (with a wide range of targets, spanning from Expo 2015 to the World Trade Organization).

Cyber Crime has been characterized by the publication on the Dark Web of the whole database of mSpy (a mobile spyware Firm) putting at risk potentially 400,000 users, an action that has overshadowed all the other events.

Even the Cyber Espionage landscape appears quite worrisome. I have counted on 4 operations, and of course I could not help but include the attack against the Penn State’s College of Engineering (two cyber intrusions allegedly originating from China, which potentially exposed 18,000 users) and also a “sophisticated attack” against the German Parliament.

As usual, keep the level of attention high, and if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2015 Cyber Attacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1-15 April 2015 Cyber Attacks Timeline

Spring is sprung, but unfortunately the nice season is not enough to keep the crooks’ hands off their keyboard, as the growing trend continues, and this first half of April has shown a sustained number of attacks.

The most illustrious victim is Lufthansa, whose frequent-flyers website has been hacked, with the attackers able to harvest miles from the unaware victims. Other noticeable events, always related to cyber crime, include the compromise of Linux Australia, and the discovery of Operation Buhtrap, a campaign targeting Russian banks.

But it’s maybe the cyber espionage front, the one that offered the most interesting events over the past two weeks. Chronicles reports a Russian intrusion inside the White House, the discovery of APT30, a decade-long state-sponsored campaign targeting South-East Asian assets, and the first example of an APT-to-APT campaign, something fairly more complex than a simple skirmish between Hellsing and Naikon, two enemy gangs.

Last but not least the Hacktivism has offered some remarkable events either. The most devastating has happened in France, where Pro-ISIS hackers have taken off TV5Monde, a national broadcast. And that’s not been the only one, since other minor defacements, carried on by Islamist hackers, have interested targets all over the world. Among the victims of this tide of attacks there is also the official Vatican website, despite the reason of the attack is a retaliation against the words of Pope Francs, who used the term ‘genocide’ to refer the mass killing of Armenians by Turks.

The 7th of April was also an important date for the hacktivists all around the world. Each year in this day, they reunite their efforts against a single target: Israel, which becomes the victim of the so-called OpIsrael. Of course this punctually happened, but just like the past year, the damages were marginal.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Apr 2015 Cyber Attacks Timeline Read more…

16-31 March 2015 Cyber Attacks Timeline

I am back in business after a short vacation period (now and then it happens!), just in time to publish the second Cyber Attack timeline of March (the first one is here), which confirms the growing trend we have been experiencing in 2015.

Two weeks packed with events, started in the worst possible way, with the massive cyber attack against Premera Blue Cross (11 million customers affected), and continued with the same baffling trend, since the list of organizations targeted by massive breaches, includes other primary companies such as British Airways, Slack and Twitch (an Amazon-owned game video streaming service).

Two weeks that also saw a sustained DDoS attack against GitHub, the discovery of several campaigns (Operation Woolen-Goldfish, the Trojan.Loziak malware targeting oil and gas companies, and the Volatile Cedar campaign originating in Lebanon), and also an official statement issued by the South Korean government, blaming North Korea for the network intrusions that stole data from Korea Hydro and Nuclear Power (KHNP).

In background, the usual sea of smaller events driven by hacktivism or cybercrime.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Mar 2015 Cyber Attacks Timelines Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1-15 February 2015 Cyber Attacks Timeline

February 17, 2015 Leave a comment

I was delivering to Anthem the very unwelcome prize for the first massive breach of 2015, when the Operation Carbanak has brought an unexpected tail to this first half of February.

These two events have undoubtedly characterized this timeline and overshadowed all the others: on one hand, a massive cyber attack (allegedly carried on by Chinese hackers) targeting one of the largest US ensurers, able to scoop up 80 million records. On the other hand, a sophisticated long lasting campaign, stealing more than $300 million on 100 banks in 30 nations.

It is very hard to choose which one deserves the (not so) coveted prize, in any case a consideration is worth: there could not have been a worst way to begin this 2015 Infosec year.

Moving on along the timeline, other interesting events appear, such as the compromising of the Forbes web site (again Flash is on the spot) by a Chinese APT Group dubbed Codoso, a “mobile tail” of the Operation Pawn Storm, now spreading to iOS devices, and eventually an unprecedented campaign targeting Syrian rebels using a combination of fake social media and Skype accounts associated with fictional female characters.

In background, as usual, multiple events driven by hacktivism, whose most remarkable one is undoubtedly the massive campaign carried on by the Anonymous collective, aimed to erase hundreds of pro-ISIS accounts and profiles from the Cyber Space (in particular from Facebook and Twitter).

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Feb 2015 Cyber Attacks Timeline Read more…

16-31 January 2015 Cyber Attacks Timeline

February 2, 2015 2 comments

It’s time for the second part of the January Cyber Attacks Timeline (Part I here).

In comparison with the first half of the month, in absolute terms, these two weeks have seen a slightly smaller number of attacks. However, even if the general trend has shown a decrease, the hacktivists (most of all the pro-Islamist ones) have been equally very active (and the French evening newspaper Le Monde, fallen under the keystrokes of the infamous Syrian Electronic Army, is the most illustrious victim).

Turning the attention to Cyber Crime, the most important event related to this category is probably the leak of 700,000 accounts from the Australian travel insurer Aussie Travel Cover. Of course there are many other background events, but no one reached an impact as noticeable as that.

Last but not least, I have not recorded noticeable events or campaigns related to Cyber Espionage.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Jan 2015 Cyber Attacks Timeline Read more…

16-31 December Cyber Attacks Timeline

January 5, 2015 Leave a comment

Despite still related to December 2014, here is the first timeline for 2015 covering the main events occurred between the 16th and 31st December 2014 (first part here).

No doubt, this Christmas will be remembered for the unwelcome surprise of the DDoS attack performed by the infamous Lizard Squad against the online services of Sony and Microsoft. An attack that has shattered the dreams of many players, just few minutes after unwrapping their brand new consoles under the Christmas Tree. However, the light that burns twice as bright burns half as long, and inevitably two members of the collective have allegedly been arrested (not before having attempted a Sybil Attack against Tor).

But the latter was not the only attack targeting the Tor anonymity service in this period, which also suffered an unexplained outage affecting a cluster of Tor Directory Authority Servers in a Rotterdam data center.

Other noticeable events concern the outage of the Internet connection in North Korea (despite it is not completely clear if caused by a cyber attack or a fault), a malware detected in a South Korea power plant, the attacks targeting the ICANN and the ISC Consortium, two among the most important organizations for the Internet, and (yet another) breach targeting NVIDIA.

Moving to a different topic, all in all the hacktivists decided to enjoy the Christmas vacations with the exception of the Syrian Electronic Army who were back, and defaced an online magazine, the International Business Time, for an article against the Syrian regime.

Last but not least, with regard to  Cyber Espionage, there have been two operations discovered in this period: an alleged attack perpetrated by Chinese hackers against an Afghan CDN targeting directly many local governmental sites, and indirectly many foreign institutions, and also the discovery of the Anunak group, a well-organized crew able to steal USD $25 Million with a long lasting cyber espionage operation against targets in Europe and the US.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December 2014 Cyber Attacks Timeline Read more…

Follow

Get every new post delivered to your Inbox.

Join 3,788 other followers