Archive

Posts Tagged ‘Cyber Attacks’

1-15 May 2015 Cyber Attacks Timeline

It’s time for the first timeline of May, reporting the main cyber attacks occurred between 1 and 15 May 2015.

The Summer is at the gates, but apparently the nice weather is not stopping the attackers from their intentions: I have recorded 52 attacks, a dramatic turnaround in comparison with April, and a strong indication that the slowing trend of the past couple of months has suffered a sudden stop.

All the three main categories (Cyber Crime, Hacktivism and Cyber Espionage) have reported a surge in the number of attacks, and not only in terms of number.

Hacktivism has been characterized by the unwelcome return of the Syrian Electronic Army, who has hacked (again) the Washington Post, and by several operations carried on by the Anonymous collective (with a wide range of targets, spanning from Expo 2015 to the World Trade Organization).

Cyber Crime has been characterized by the publication on the Dark Web of the whole database of mSpy (a mobile spyware Firm) putting at risk potentially 400,000 users, an action that has overshadowed all the other events.

Even the Cyber Espionage landscape appears quite worrisome. I have counted on 4 operations, and of course I could not help but include the attack against the Penn State’s College of Engineering (two cyber intrusions allegedly originating from China, which potentially exposed 18,000 users) and also a “sophisticated attack” against the German Parliament.

As usual, keep the level of attention high, and if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2015 Cyber Attacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

April 2015 Cyber Attacks Statistics

Country DistributionEven if I am little late, I can finally publish the statistics derived from cyber attacks timelines of April (Part I and Part II).

Something new happened in the Country Distribution chart. I am not obviously referring to the large red circle labeled US (a consolidated trend that is far to be overturned), but rather to Israel which, for the first time, ranks on top of the countries hit by attacks motivated by hacktivism. Clearly a consequence of the multiple actions perpetrated against this country in name of the so-called “OpIsrael” (even if, in reality, the damages inflicted were not so relevant).

This spree of attacks against Israel is not immediately visible in the Daily Trend of Attacks chart. In theory OpIsrael was planned for April 7th, however the attacks have been distributed around that day (actually the actions have continued for the first three weeks of April). The only noticeable peak is on April 14th, but the contribute of OpIsrael to that is nearly negligible.

Daily Trend of Attacks Apr 2015The shadow of OpIsrael also affects the Motivations Behind Attacks chart. Cyber Crime ranks on top, but its percentage plummets to 55.2% from 69% of March. On the other hand, Hacktivism grows accordingly, jumping to 32.2% (was 20.7% on March). The events related to Cyber Espionage and Cyber Warfare also report a small growth (respectively 9.2% and 3.4% in contrast to 8% and 2.3% of the previous month).

Motivations Apr 2015SQLi ranks on top of the Attack Techniques chart, but the real surprise of the month is the staggering 11.5% that places targeted attacks at the 4th place among the known ones. We have been used to see SQLi, Defacement and DDoS swapping their positions in the podium on a regular basis, but a similar value for targeted attacks has never been recorded, as far as I can remember.

Attack Techniques Apr 2015For the eighth month in a row, industry ranks on top of the Distribution of Targets chart with 29.9%, a value slightly increasing, but comparable with 28.7% of March. Governmental targets rank at number two with 14.9%, whereas educational targets close the podium with 10.3%, just above the organizations out of the top three with a “modest” 9.2%.

Targets Apr 2015The Industry Drill Down chart confirms E-Commerce sites on top, despite the most noticeable finding of April is probably the though period for targets belonging to TV Broadcast, Hospitality and Online Gambling, which collected together one third of the “unwelcome attentions” of attackers. well above the other categories. On the other hand, the Organization Drill Down chart places Software organizations on top, as reported in the corresponding Drill Down chart.

Industry Drill Down April 2015Org Drill Down April 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

March 2015 Cyber Attacks Statistics

Country DistributionIt’s time to aggregate the two Cyber Attack Timelines for March 2015 (Part I and Part II) into statistics.

As always, let’s start from the Country Distribution chart, which, similarly to March, sees the United States on top, followed by the United Kingdom and Australia.

After a slow start, the Daily Trend of Attacks chart shows an heterogeneously growing trend, at least up to March 29th, where the monthly peak is achieved, after which, a sudden drop appears and continues until the end of the month.

Daily Trend March 2015

We have been used to see Cyber Crime on top of the Motivations Behind Attacks chart, and March inevitably confirms this trend, with a percentage that slightly drops to 69% from 73.8% of February. Hacktivism is in line with the previous month, (20.7% vs 19%), as also Cyber Espionage is (8% vs 7.1% of February). I have also recorded a couple of events related to Cyber Warfare.

Motivations March 2015

The technique behind the 19.5% of the attacks remains uncertain, however, once again SQLi ranks on top of those known, even if the percentage drops to 16.1% from 25.3% on March. Defacements and Accounts Hijackings complete the podium of the known attacks, swapping their positions in comparison to March. The others follow…

Techniques March 2015

For the seventh month in a row, industry ranks on top of the Distribution of Targets chart with 27.6%, a value slightly increasing, but comparable with 26.2% of the previous month. Organizations show up in second place with 17.2%, ahead of Governments, at the third place, with 12.6%.

Targets March 2015

Again, the Industry Drill Down chart is extremely fragmented, the only constant is the terrible moment for the E-Commerce sites, which rank on top, well above the other categories. On the other hand, the Law Enforcement institutions are the preferred targets for the Organizations, as reported in the corresponding Drill Down chart.

Industry March 2015Org March 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

February 2015 Cyber Attacks Statistics

March 9, 2015 7 comments

Country Feb 2015Here we go with the aggregated statistics extracted from the Cyber Attacks Timelines of February 2015 (Part I and Part II).

As we normally do, let’s start from the Country Distribution Chart, which is led, as usual, by the United States. All the other countries are essentially aligned on the same level, with the sole exception of the United Kingdom, which slightly emerges over the others.

The Daily Trend of Attacks  shows quite a heterogeneous distribution throughout the month. After a slow start, two peaks emerge on the 10th and the 14th.

Daily Trend Feb 2015

Even in February, Cyber Crime is on top of the Motivations Behind Attacks Chart, increasing its percentage to 73.8% from the 67.4% of January. Hacktivism slows down to 19% (from 29.2%), whereas Cyber Espionage jumps to 7.1% (was 1.1% in January).

Motivations Feb 2015

For the second month in a row SQLi ranks on top of the Attack Technique Distribution Chart with 25.3% (was 33.7% on January). Account Hijackings and  Defacements swap their positions and complete the podium for the known attacks despite the third place of Defacements is in co-location with Targeted Attacks (quite a remarkable result).

Techniques Feb 2015

For the sixth month in a row, industry ranks on top of the Distribution of Targets chart with 26.2%, a value comparable to the 28.1% of the previous month). Single Individuals rank at number two (13.6%) and Organizations at number three (11.9%). Curiously this month Governmental targets are outside the podium, slightly ahead of  Educational (and Financial) targets.

Targets Feb 2015

The Industry Drill Down chart is extremely fragmented, however the terrible moment for the E-Commerce sites continues. On the other hand, the Non-Profit institutions are the preferred targets for the Organizations, as reported in the corresponding Drill Down chart.

Industry Drill Down Feb 2015Organization Drill Down Feb 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

January 2015 Cyber Attacks Statistics

February 5, 2015 6 comments

Country DistributionIt is time to summarize the data collected into the January 2015 Cyber Attacks timelines (Part I and Part II) into valuable statistics.

Many readers keep on asking where the information used to create the stats comes from. The answer is always the same: the statistics are created elaborating the timelines that I collect (approximately) on a bi-weekly basis and I publish on this blog (see also the Cyber Attacks Master Index).

I cannot be exhaustive, but at least my intention is just to provide an overview of the Threat Landscape, reporting the attacks that gained space in the media.

Moving to the data, as usual, the United States lead the Country Distribution chart for each category. The surprises of this month are France and UK, which win the “silver medal” having suffered an unusual number of cyber attacks by Pro-Islamist hacktivists, but also a number of “more traditional” attacks related to cyber crime, a number well above the average.

The Daily Trend of Attacks Chart shows an initial peak, a new concentration of activity in the middle of the month, followed by a decreasing trend with a partial revamp towards the end.

Daily Trend Jan 2015

Cyber Crime is always on top of the Motivations Behind Attacks Chart, even if with a small decrease in comparison with December (67.4% vs 72.6%). All in favor of hacktivism, which bumped up to 29.2% from 17.8%. On the opposite site, Cyber Espionage is well below the noticeable 8.8% of December.

Sometimes it comes back! I am obviously talking about SQLi, which, after several months in the shadow, ranks on top of the Attack Technique Distribution Chart (and even with quite an important value (33.7%). Defacements and Account Hijackings complete  the podium for the known attacks.

For the fifth month in a row, industry ranks unchallenged on top of the Distribution of Targets chart (but the 28.1% recorded this month is notably smaller than the 47.9% reported in December). Governmental targets rank at number two, and educational institutions are at the third place exactly just like one month ago.

Once again, E-commerce leads the drill-down chart for the industrial targets, whereas Non-Profit are on top of the corresponding chart for organizations.

Ind Drill Down Jan 2015 Org Drill Down Jan 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 January 2015 Cyber Attacks Timeline

January 20, 2015 4 comments

It’s now time for the first chart of this 2015, a year that has begun in the worst way even from an Information Security perspective, given the high number of attacks recorded in the first half of January.

Unfortunately the sad events happened in Paris have inevitably conditioned this period: France has been the target of an unprecedented number of cyber attacks (approximately 19,000) allegedly carried on by Islamist hackers and strictly related with the events of the Charlie Hebdo. Nearly in contemporary, the Anonymous have declared war against the IS-IS and have taken down several Jiahdist sites. In the meantime the pro IS-IS hackers of the Cyber Caliphate have found the time to hijack the Twitter account of the CENTCOM: the US military command that oversees operations in the Middle East.

France has also been one of the main targets for Cyber Criminals, since the most remarkable breach of this two weeks has hit the shopping site of TF1, the most important local TV stations (nearly 2 million records possibly compromised). There is also indication of a possible attack to the Spanish affiliate of Orange, but it has not been confirmed.

Other noticeable events of this period concern a possible breach to the EA/Origin service, another (failed) attempt to blackmail a bank, perpetrated by the infamous Rex Mundi collective, and, on a different scale a massive malvertising campaign targeting sites with a combined total monthly traffic of around 1.5 billion visitors.

However, at least for once, I have not recorded events related to Cyber Espionage.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Jan 2015 Cyber Attacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

December 2014 Cyber Attacks Statistics

January 9, 2015 5 comments

CountryThe new year has just begun, and here we are with the last blog post for the 2014 just gone related to the Cyber Attacks statistics derived from the timelines of December (Part I and Part II).

As usual, the US dominate the Country Distribution Chart for all the sectors taken into consideration, well ahead all the other countries.

The Daily Trend of Attacks Chart shows a concentration of activity in the central period of the month (maybe the Christmas atmosphere is particularly inspiring for crooks). After a slow start (or better an initial decrease), the trend climbs up, remaining quite constant for about 10 days.

Daily Trend Dec 2014

Cyber Crime rules! Or at least this is what the Motivations Behind Attacks Chart states. Actually this is quite a common situation, however, what is really surprising is the percentage, boomed to a noticeable 72.6% against the 55.8% of the previous month. As a consequence all the other sectors report values, sensibly smaller than the previous month.

Motivations Dec 2014

Tbe actions of the infamous Lizard Squad have brought DDoS on top of the Attack Techniques Chart (among the known ones). For the first time equally placed with Defacements and DDoS attacks. Once again, targeted attacks rank at number four with 9.8%, substantially in line with November.

Techniques Dec 2014

For the fourth month in a row, industry ranks unchallenged on top of the Distribution of Targets chart with an unprecedented 47.9%. Governmental targets rank at number two (13.7%), while educational institutions enter the top three with 9.6%.

Targets Dec 2014

E-commerce leads the drill-down chart for the industrial targets, whereas Human Rights are on top of the corresponding chart for organizations.

Industry Drill Down Dec 2014Org Drill Down Dec 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,788 other followers