I have updated the 2013 Cyber Attacks Timeline Master Index and the related Cyber Attacks Statistics. Now the two pages show all the data (and the related statistics) collected since January to August 2013. September data will be included once ready (hopefully in one week).
Enjoy your reading (and awareness)
I am quite in time with the list of the main Cyber Attacks occurred in the first half of July.
This period has been quite hard for the Video Games Industry with two noticeable events targeting Konami and Ubisoft (58 million of account potentially affected in this second case). Another noticeable breach involves the attack against the Italian Website of Sony, which lead to 40,000 records leaked.
Regarding hacktivism, Turkey keeps on being quite hot in this period, and not only for the Summer: several governmental targets have been hits by cyber attacks directly related to the OpTurkey initiative.
Last but not least: you will notice I have added a new column indicating the target country: for the sake of clarity, it refers to the nationality of the targeted organization and not to the geo-location of the targeted IP.
As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
WTF! This month I am terribly late with the Cyber Attack Timeline. I can anticipate that, as you will have probably guessed, this month we have seen an unprecedented rate of attacks.
I have already compiled the timeline of January, I still need a little bit of time to check it and to write the comments as usual. I still do not know if I will be able to publish it today or tomorrow (I am quite busy this afternoon) but, maximum at 12:00 CET of tomorrow it will be here.
Thanks for your patience, and please continue to support my work with your visits!
As I did last month for the Cyber Attacks occurred in April, I have aggregated the data collected on the timelines of May (on the right) in order to provide a consolidated view of the month according to the three parameters of Motivations Behind Attacks, Distribution of Targets and Distribution of Attack Techniques. Again, no need to repeat that data must be taken very carefully since they do refers only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the month.
As far as Motivations Behind Attacks are concerned, month after month, the charts are becoming monotonous. Cyber Crime ranked undoubtedly at number one with the 61% of occurrences. Twice the occurrences of Hacktivism which ranked at number two. In this chart, Cyber Warfare and Cyber Espionage motivated-attacks are well behind although they were few but good (One Flame was enough for this month, wasn’t it?).
The Distribution of Targets chart is highly fragmented even if with a familar pattern: Government targets ranked firmly on top of the preferences for the attackers, with Education and Law Enforcement targets completing the top three (although, compared to April, they swapped their positions in this unenviable chart). It worths to mention that targets belonging to organizations that offers on-line services are fragmented as well, but if the single entries are summed up, they would rank at number two with approximately the 15% of occurrences.
The Distribution of Attack Techniques chart whows that SQL Injection has been the preferred weapon used by Cyber Criminals in May, overtaking Distributed Denial of Service, the Cyber Paintball Pistol. Clearly the occurrences of DDoS attacks are influenced by the winds of hacktivism which did not blow so high in May. Interesting to notice a further important number of events (17% of the sample) related to unknown attacks targeting DBs, which clearly shows that data repositories are proving to be the weakes element of the chain. May the patch enFORCEment be with you!
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.