About these ads

Archive

Posts Tagged ‘Cyber Attacks’

16-31 May 2014 Cyber Attacks Timeline

Here we are with the second part of the timeline of May (first part here).

Summer is coming here, and looks like attackers prefer to spend more  time in the beach rather than in front of their keyboards. In fact the number of reported attack is confirming its decreasing trend, at least for this part of the year.

Nonetheless, the second part of may has brought some noticeable events, such as the attack to Ebay (potentially 145 million accounts compromised), the attack against the Avast! Forum (400,000 records compromised) and the Arkansas State University (“only” 50,000 records). Other noticeable (and funny) event includes the hack of a San Francisco road sign by a prankster announcing the attack by Godzilla!

Cyber Spies were indeed pretty active in this period. Chronicles report of the Operation Clandestine Fox, a cyber attack against several industries in Australia, an undisclosed utility attacked in the US, a three year social network poisoning campaign sponsored by Iran and, last but not least, the alleged attack against the $12.7 million supercomputer in New Zealand from Chinese attackers.

Instead the operations from Law Enforcement Agencies against Hacktivists seem to be effective, the number of attacks motivated by hacktivism is dramatically reducing.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 May 2014 Cyber Attacks Timelinesv2

Read more…

About these ads

4 Years of Cyber Attacks

I would like to thank once again ISMS Forum Spain for having invited me at their XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos.

I was part of a very interesting panel “Fighting Cyber Threats” during which I was given the opportunity to show some stats collected from my blog.

Here’ s the presentation I showed. Hope it is useful to spread awareness.

Please read carefully the caveats. As always the data cannot be exhaustive, nevertheless they are useful to provide an overview of what’s going on!

1-15 May 2014 Cyber Attacks Timeline

May 27, 2014 1 comment

Here we have with the list of the most significant Cyber Attacks happened in the first half of April (according to my very own point of view).

There are few doubts about the fact that Orange is the winner of the unwelcome prize for the most noticeable breach after the theft of the information of 1.3 million users.

Other interesting events related to Cyber Crime include the breach of Bitly, the famous URL shortening service and a new heist against a virtual currency wallet (this time the victim is Doge Vault, one of the most popular online repositories for the cryptocurrency Dogecoin).

Moving to Cyber Espionage, this month reports two interesting events, the theft of Data related to the Ukraine crisis from the Belgian Foreign Ministry, and the discovery of Operation Saffron Rose, a long-term campaign against western defense contractor carried on by a team of Iranian hackers dubbed Ajax Security Team.

Last but not least, among the hacktivists, chronicles report of  a new action of the infamous Syrian Electronic Army (against four accounts of The Wall Street journal) and the usual skirmishes between Pakistani and Indian hackers (but is questionable in my opinion to determine if those events can be classified as part of a harmless cyber war or are rather mutual actions between hactivists acting on opposite sides).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2014 Cyber Attacks Timelines Read more…

1-15 April 2014 Cyber Attacks Timeline

And here it is the timeline reporting the Cyber Attacks happened during the first half of April 2014, a month probably long remembered within the Infosec Chronicles for the discovery of the terrible Heartbleed bug (two attacks have been recorded, so far, related to this devastating vulnerability).

Besides the infamous Heartbleed, the most important events of this timeline are related to Cyber Crime. Germany in particular had a bad surprise, with the discovery of a list of 18 million compromised e-mail accounts and passwords, affecting all major German Internet service providers. The list of the remarkable targets also includes Lacie, victim of a malware putting at risk the users who performed on-line purchases from the company web site, the Harley Medical Group (500,000 accounts potentially compromised) and, once again, South Korea where unknown hackers were able to steal the personal information of about 200,000 credit card users, racking up fraudulent charges of about $115,ooo.

The feared wave of cyber attacks against Israel, promised by several Anonymous affiliated hacktivists for the 7th of April, did not happen. The impact of the attacks was limited and in many cases several old leaks were ‘recycled’.

Last but not least, Germany’s Space Research Center in Cologne, was the victim of a targeted attack. Suspects point to China.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Apr 2014 Cyber Attacks Timelines Read more…

1-15 March 2014 Cyber Attacks Timeline

March 31, 2014 2 comments

And here we are with the timeline of the main Cyber Attacks happened during the first half of March.

Even if globally the number of attacks seems to keep on its decreasing trend, one event in particular will probably be remembered in the chronicles of 2014: definitely the breach to KT Corp. in Korea (12 million customers compromised) deserves a special mention (despite this is not the only one in this first half of the month), even if, apparently, the authors have been immediately busted.

Other interesting trends include the long trail of attacks against Bitcoin Exchange sites (the equivalent of $700.000 has been vaporized by hackers in this two weeks) and an anomalous number of attacks against Universities (North Dakota, Johns Hopkins and Central Oklahoma).

Moving to hacktivism, the landscape has been predictably influenced by the events happening in Ukraine (chronicles report of several attacks in Ukraine, Russia, Poland and also a DDoS against some NATO web sites).

The temperature on the Cyber Espionage front remains high, most of all in India where a local newspaper has unveiled some details related to an operation compromising 50 computers belonging to the Defense Research and Development Organization.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Mar 2014 Cyber Attacks Timeline

Read more…

16-28 February 2014 Cyber Attacks Timeline

Here is the list of the main Cyber Attacks happened during the second half of February 2014 (Part I here). As you will soon discover, unlike the previous months, the activity in this second half of February has shown a sensible decrease both in number and in size in comparison with the previous months.

One of the few exception to this decreasing trend is  the University of Maryland, that was the victim of a cyber attack that led to the compromising of more than 300,o00 records.

Apparently even the hacktivists have slowed down their attacks with few exceptions (the Syrian Electronic Army and some sporadic actions executed by hackers affiliated to Anonymous.

Interestingly the cyber espionage front has been the more interesting with a couple of remarkable events (a cyber attack against a French aerospace engine maker and the revelation of further details concerning the Iranian attack against a US Navy Computer Network.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-28 Feb 2014 Cyber Attacks Timelines Read more…

1-15 February 2014 Cyber Attacks Timeline

And here we are with the timelines of the main Cyber Attacks happened during the first half of February.

It is very hard to summarize these days from an Infosec perspective, considering the noticeable number of massive breaches: Kickstarter (potentially 5.6 million of records affected), Forbes (1 million records leaked), Orange (800,000 users impacted) and St. Joseph Health System (400,000 users affected) are the main examples, but they must not overshadow other ‘minor’ events such as the the attack against Bell.ca (‘only’ 40,000 users affected).

15 days in which Cybercrime and Hacktivism dangerously overlapped, ‘thanks’ mainly to the infamous Syrian Electronic Army, author of the hack against Forbes but also of several account hijacking attacks that have become their unique fingerprint, but also ‘thanks’ to the RedHack collective who, once again, targeted (directly or indirectly) the Turkish Government with three noticeable attacks.

Last but not least, the Cyber Espionage: the first half of February has brought us the discovery of “The Mask” (AKA Careto), a massive Operation targeting 31 countries around the world, but also the revelation of an alleged attack carried on by Huawei against the Indian provider BSNL and a further purported Chinese attack against some bio-medic industries in the U.S.

Finally, the Cyber War between India and Pakistan deserves a special mention, despite only defacements have been reported, the end of the fight is far from being reached.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Feb 2014 Cyber Attacks Timelines Read more…

Follow

Get every new post delivered to your Inbox.

Join 2,945 other followers