Archive

Posts Tagged ‘Cyber Attacks’

February 2015 Cyber Attacks Statistics

March 9, 2015 7 comments

Country Feb 2015Here we go with the aggregated statistics extracted from the Cyber Attacks Timelines of February 2015 (Part I and Part II).

As we normally do, let’s start from the Country Distribution Chart, which is led, as usual, by the United States. All the other countries are essentially aligned on the same level, with the sole exception of the United Kingdom, which slightly emerges over the others.

The Daily Trend of Attacks  shows quite a heterogeneous distribution throughout the month. After a slow start, two peaks emerge on the 10th and the 14th.

Daily Trend Feb 2015

Even in February, Cyber Crime is on top of the Motivations Behind Attacks Chart, increasing its percentage to 73.8% from the 67.4% of January. Hacktivism slows down to 19% (from 29.2%), whereas Cyber Espionage jumps to 7.1% (was 1.1% in January).

Motivations Feb 2015

For the second month in a row SQLi ranks on top of the Attack Technique Distribution Chart with 25.3% (was 33.7% on January). Account Hijackings and  Defacements swap their positions and complete the podium for the known attacks despite the third place of Defacements is in co-location with Targeted Attacks (quite a remarkable result).

Techniques Feb 2015

For the sixth month in a row, industry ranks on top of the Distribution of Targets chart with 26.2%, a value comparable to the 28.1% of the previous month). Single Individuals rank at number two (13.6%) and Organizations at number three (11.9%). Curiously this month Governmental targets are outside the podium, slightly ahead of  Educational (and Financial) targets.

Targets Feb 2015

The Industry Drill Down chart is extremely fragmented, however the terrible moment for the E-Commerce sites continues. On the other hand, the Non-Profit institutions are the preferred targets for the Organizations, as reported in the corresponding Drill Down chart.

Industry Drill Down Feb 2015Organization Drill Down Feb 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

January 2015 Cyber Attacks Statistics

February 5, 2015 6 comments

Country DistributionIt is time to summarize the data collected into the January 2015 Cyber Attacks timelines (Part I and Part II) into valuable statistics.

Many readers keep on asking where the information used to create the stats comes from. The answer is always the same: the statistics are created elaborating the timelines that I collect (approximately) on a bi-weekly basis and I publish on this blog (see also the Cyber Attacks Master Index).

I cannot be exhaustive, but at least my intention is just to provide an overview of the Threat Landscape, reporting the attacks that gained space in the media.

Moving to the data, as usual, the United States lead the Country Distribution chart for each category. The surprises of this month are France and UK, which win the “silver medal” having suffered an unusual number of cyber attacks by Pro-Islamist hacktivists, but also a number of “more traditional” attacks related to cyber crime, a number well above the average.

The Daily Trend of Attacks Chart shows an initial peak, a new concentration of activity in the middle of the month, followed by a decreasing trend with a partial revamp towards the end.

Daily Trend Jan 2015

Cyber Crime is always on top of the Motivations Behind Attacks Chart, even if with a small decrease in comparison with December (67.4% vs 72.6%). All in favor of hacktivism, which bumped up to 29.2% from 17.8%. On the opposite site, Cyber Espionage is well below the noticeable 8.8% of December.

Sometimes it comes back! I am obviously talking about SQLi, which, after several months in the shadow, ranks on top of the Attack Technique Distribution Chart (and even with quite an important value (33.7%). Defacements and Account Hijackings complete  the podium for the known attacks.

For the fifth month in a row, industry ranks unchallenged on top of the Distribution of Targets chart (but the 28.1% recorded this month is notably smaller than the 47.9% reported in December). Governmental targets rank at number two, and educational institutions are at the third place exactly just like one month ago.

Once again, E-commerce leads the drill-down chart for the industrial targets, whereas Non-Profit are on top of the corresponding chart for organizations.

Ind Drill Down Jan 2015 Org Drill Down Jan 2015

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines, aiming to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 January 2015 Cyber Attacks Timeline

January 20, 2015 4 comments

It’s now time for the first chart of this 2015, a year that has begun in the worst way even from an Information Security perspective, given the high number of attacks recorded in the first half of January.

Unfortunately the sad events happened in Paris have inevitably conditioned this period: France has been the target of an unprecedented number of cyber attacks (approximately 19,000) allegedly carried on by Islamist hackers and strictly related with the events of the Charlie Hebdo. Nearly in contemporary, the Anonymous have declared war against the IS-IS and have taken down several Jiahdist sites. In the meantime the pro IS-IS hackers of the Cyber Caliphate have found the time to hijack the Twitter account of the CENTCOM: the US military command that oversees operations in the Middle East.

France has also been one of the main targets for Cyber Criminals, since the most remarkable breach of this two weeks has hit the shopping site of TF1, the most important local TV stations (nearly 2 million records possibly compromised). There is also indication of a possible attack to the Spanish affiliate of Orange, but it has not been confirmed.

Other noticeable events of this period concern a possible breach to the EA/Origin service, another (failed) attempt to blackmail a bank, perpetrated by the infamous Rex Mundi collective, and, on a different scale a massive malvertising campaign targeting sites with a combined total monthly traffic of around 1.5 billion visitors.

However, at least for once, I have not recorded events related to Cyber Espionage.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Jan 2015 Cyber Attacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

December 2014 Cyber Attacks Statistics

January 9, 2015 5 comments

CountryThe new year has just begun, and here we are with the last blog post for the 2014 just gone related to the Cyber Attacks statistics derived from the timelines of December (Part I and Part II).

As usual, the US dominate the Country Distribution Chart for all the sectors taken into consideration, well ahead all the other countries.

The Daily Trend of Attacks Chart shows a concentration of activity in the central period of the month (maybe the Christmas atmosphere is particularly inspiring for crooks). After a slow start (or better an initial decrease), the trend climbs up, remaining quite constant for about 10 days.

Daily Trend Dec 2014

Cyber Crime rules! Or at least this is what the Motivations Behind Attacks Chart states. Actually this is quite a common situation, however, what is really surprising is the percentage, boomed to a noticeable 72.6% against the 55.8% of the previous month. As a consequence all the other sectors report values, sensibly smaller than the previous month.

Motivations Dec 2014

Tbe actions of the infamous Lizard Squad have brought DDoS on top of the Attack Techniques Chart (among the known ones). For the first time equally placed with Defacements and DDoS attacks. Once again, targeted attacks rank at number four with 9.8%, substantially in line with November.

Techniques Dec 2014

For the fourth month in a row, industry ranks unchallenged on top of the Distribution of Targets chart with an unprecedented 47.9%. Governmental targets rank at number two (13.7%), while educational institutions enter the top three with 9.6%.

Targets Dec 2014

E-commerce leads the drill-down chart for the industrial targets, whereas Human Rights are on top of the corresponding chart for organizations.

Industry Drill Down Dec 2014Org Drill Down Dec 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2014 Cyber Attacks Timeline

December 22, 2014 Leave a comment

It’s time for the first Cyber Attacks Timeline of December (and the last for 2014).

Of course the attention of the infosec professionals is still concentrated on the devastating cyber attack against Sony happened in November (and the world as we know it, won’t be the same again), nonetheless this first 15 days have shown some remarkable events, not least the news of a breach happened earlier this year to Sony (once again), which went unreported.

At least for once, let us start from hacktivism. The hacktivists seem to be back in action: the Anonymous have taken part, directly or indirectly to several operations motivated by the racial tensions in the US (DDoS attacks against Oakland and Ontario), the raids against the Pirate Bay (leaks of Governmental emails), and the protests against the new High Speed Train line connecting Turin and Lyon (the defacement of  Official website of the Rhône-Alpes region).

A different form of hacktivism (but the border with Cyber Warfare in this case is really blurred) hit Sands Casinos earlier this year. Bloomberg has revealed that an apparent innocuous defacement happened in February was actually the mark of a more devastating attack perpetrated by Iranian hackers, who were able to wipe out all the internal clients and servers.

The Cyber Crime landscape (again maybe it should be more correct to call it Cyber Warfare) is still dominated by the outcome of the Infamous attack to Sony. Other interesting events concern the attack to an unnamed steel industry in Germany, causing physical damages, yet another wave of DDoS attacks against Sony (again!) and XboX Live, and the alleged compromise of Ars Technica requiring the registered users to change their passwords.

Last but not least, the level of state-sponsored operations is always high: at least three of them deserve to be mentioned: Operation Cleaver (allegedly backed by Iran), the resurrection of the Red October Group (Cloud Atlas or Inception) and also the discovery that the ISIS is active also in the Cyber Space, targeting a group of Syrian activists.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2014 Cyber Attacks Timeline Read more…

November 2014 Cyber Attacks Statistics

December 8, 2014 Leave a comment

CountryIt’s time for the statistics derived from the Cyber Attacks Timelines of November (Part I and Part II).

Let us begin with the Country Distribution chart that, easy predictable, shows the US on top of all categories. However, globally, even Italy, Canada and UK show up, respectively for Hacktivism (the first two countries) and Cyber Crime (the latter).

The Daily Trend of Attacks chart shows a moderate activity with a peak on the 10th, and a plateau between the 13th and 14th. Despite the 5th of November is a day felt by Hacktivists, no noticeable operations have been recorded this year.

November 2014 Daily Trend

Once again Cyber Crime leads the Motivations Behind Attacks chart with 55.8% substantially in line with the previous month (was around 60%). Hacktivism ranks at number two with 28.6%, a remarkable increase compared to 13.8% of October. Whereas Cyber Espionage remains quite high (13%, despite in decrease compared to the record value of 17.2% recorded in October.

November 2014 Motivations

Defacements lead the Attack Techniques chart with 20.8% (among the known attacks). SQLi ranks at number two with 13.0% very close to DDoS, at number three with 11.7% (a consequence of the hacktivism driven hacking spree recorded in November). Targeted attacks rank at number four with 10.4%, still quite an important value, even if in decrease compared to 13.8% of October.

November 2014 Techniques

For the third month in a row, industry ranks on top of the Distribution of Targets chart (28.6%, nearly identical to October when it was 28.7%). As always governmental targets rank at number two (23.4%). While organizations are back at number three (14.3%).

November 2014 Targets

Again, targets belonging to E-Commerce rank on top of the Industry Dill Drown chart, while political organizations lead the Organization Drill Down chart.

Industry Drill Down November 2014Org Drill Down November 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 November 2014 Cyber Attacks Timeline

November 17, 2014 Leave a comment

The first half of November is gone, so it’s time for the list of the main cyber attacks occurred during these fifteen days.

Confirming the trend of the last months, the activity has been quite sustained. For sure, the most remarkable attack has targeted the Turkish branch of HSBC, and has affected 2.7 million customers, whose credit cards have been compromised (and apparently the bank has decided not to issue new cards for the impacted users).

Again the operations related to cyber espionage have played an important role: some new campaigns have come to light (for instance Darkhotel), and also several noticeable attacks have been discovered, like the one against the United States Postal Service (600,000 users affected) or the one against the National Oceanographic and Atmospheric Administration.

Even hacktivists have been quite active: the RedHack collective has reemerged from several months in stealth mode (they claim to have deleted 650,000 USD worth 0f electricity power debt), and some hackers claiming to be affiliated to the Anonymous collective have performed similar operations in Italy (in parallel with the delicate social and economical period) and the Philippines.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 November 2014 Cyber Attacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Follow

Get every new post delivered to your Inbox.

Join 3,598 other followers