About these ads

Archive

Posts Tagged ‘Cyber Crime’

Jan-Apr 2014 Cyber Attacks Statistics

I have been quite busy in the last few months, so, unfortunately, I was not able to keep the pace with the statistics derived from my Cyber Attacks Timelines. However, thanks to the ISMS Forum Spain (Asociación Española para el Fomento de la Seguridad de la Información), I have been invited to take part at the XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos (to be held on May, the 28th in Madrid).

Taking advantage of this awesome opportunity, I have been able to reorganize the data collected so far for the events recorded in 2014.

What I show below, is a synthesis of this work. Further information will be presented in Madrid, and later in my blog. Meanwhile, I hope the information provided will satisfy the readers who kindly asked for an update of the stats.

Let us start with the Daily Attack Trend Chart.

Daily Attack Trend Jan-Apr 2014

Needless to say, the crooks have started this infosec year with the brakes on. Apart from few noticeable examples (for instance the peak on the 20th of April due to the NullCrew collective), the activity is quite low in comparison with the past years (again a full analysis will be shown in Madrid).

Drilling down the Daily Attack Trend:

Daily Attack Trend Drill Down Jan-Apr 2014

Shows a constant ‘bias’ of events related to Cyber Crime with some isolated peaks of Hacktivism. This is also evident from the Motivations Behind Attacks Chart.

Motivations Jan-Apr2014

Here the Cyber Crime dominates the chart, accounting for the 61% of the total events. Nearly twice more than Hactkivism, stuck to a ‘modest’ 31%. On the other hand Cyber Espionage and Cyber Warfare are quite stable at the values of 2013 when they were respectively at the 5% and 4% (but do not get carried away, the end of the year is far away and there is time to change along the way).

And the fall of Hacktivism finds another indirect confirm in the Distribution of Attack Techniques Chart:

Attack Techniques Jan-Apr2014Apparently fewer and fewer information is disclosed, so nearly one fifth of the recorded attacks if of uncertain origin. However both DDoS and SQLi confirmed the decreasing trend. On the other hand Account Hijacking maintains its growing trend (was 9% in 2013).

Last but not least, the Distribution of Targets chart:Targets Jan-Apr2014Targets belonging to industry rank at number one with the nearly 30% of occurrences, well ahead of governmental targets (at number two with nearly 19%) and organizations (at number three with nearly 12%). The others are behind (luckily for them).

Well, that’s all folks… At least so far… As I said before further data will follow…

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Enhanced by Zemanta
About these ads

September 2013 Cyber Attacks Statistics

October 20, 2013 Leave a comment

Even if with a small delay, it is time for the Cyber Attacks Statistics derived from the Cyber Attacks Timelines of September (Part I and Part II).

As usual let us begin with the Daily Trend of Attacks chart. The chart shows a clear peak on September, 27th, due to a wave of attacks of the Anonymous against the Cambodian Government. In general, the number of attacks reported on the news had an increase in the second part of the month.

September 2013 Daily Trend

No surprisingly, US lead the Country Distribution chart. Also, it is worth to mention the second place of Cambodia, as a direct consequence of the wave of attacks carried on by the Anonymous collective. India is in the middle of a Cyber War against Pakistan and this explains his bronze medal just ahead of UK.

September 2013 Country Distribution

The Motivations Behind Attacks chart shows an unexpected overtake of Hacktivism on Cyber Crime. It’s also worth to mention the unusual level of attacks motivated by Cyber Espionage, jumped to a noticeable 10%: better countermeasures that allow to discover a growing number of sophisticated cyber attacks or a consequence of the marketing hype? In any case September has been particularly hard for Oil and Energy Sector that suffered several targeted campaigns.

September 2013 Motivations

The Distribution of Attack Techniques chart is completely unedited. Looks like hacktivists are shifting their preferences to other “unconventional weapons” such as Defacements and Account Hijackings. Maybe these techniques grant more visibility and less risks for the authors. Surprisingly for this month DDoS has fallen to 9% from 17.8% of the previous month. On the other hand targeted attacks are stable at 4%.

September 2013 Distribution

The Distribution of Targets chart confirms governments at number one, just ahead targets belonging to industry. Targets belong to Law Enforcements gained several positions in comparison with the previous month, raising at number three with 6%. Drilling down to industry fragmentation, financial services and E-Commerce lead the chart.

September 2013 Target Distribution

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

July 2013 Cyber Attacks Statistics

August 11, 2013 Leave a comment

It’s time for the Statistics related to the Cyber Attacks reported in the July 2013 Timelines (Part I and Part II).

You will find a (hopefully) welcome novelty from this month: as a matter of fact starting from July I begun to record the nationality of the targeted companies (not the domains), so the corresponding data will be reported in the statistics accordingly.

Let us begin with the Daily Trend of Attacks chart. Here the Summer shows its effects showing a constantly decreasing shape after the peak occurred the 15th.

July 2013 Trend

And here it comes the innovation. Easy Predictable US (well above the others) and UK lead the Country Distribution Chart, but even Pakistan is not that bad! The other countries are aligned at approximately the same levels. US and UK collected together the 45% of the attacks reported in the timelines.

Country Jul 2013

Just like the previous month, Cyber Crime leads the Motivation Behind Attacks chart. The levels are similar to the ones of the previous month with a light drop from 62% in June to 57% in the current month. On the other hand, unlike the past years, this summer seems quite problematic for the hacktivists, also due to the recent sentencing.

Motivations Jul 2013

It is true, this July has brought many innovations, and for the first time Defacements lead the Distribution Of Attack Techniques Chart. Also the account Hijackings are becoming very popular. For the first time (as far as I remember) SQLi and DDoS are out from the first three ranks, even if there is a meaningful amount of attacks for which it has not been possible to derive the used technique based on the available information. Kindly remind that I take defacements into consideration only when they are meaningful, that is targeting Governmental primary domains or high profile targets, or also when they cause the leaking of data.

Attack Techniques

Last but not least, Governmental targets lead the Distribution of Target chart with 29%. Industry ranks at number two, quite close (only three points far). The two categories swapped their places in comparison with the previous month. It is also interesting to notice the third position of single individuals, a consequence of the multiple attacks against Twitter accounts.

Industry Jul 2013

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

June 2013 Cyber Attacks Statistics

Here we are with the statistics for the cyber attacks included in the June 2013 timelines (part I and part II). A priori this month should have been characterized by huge operations (such as the infamous OpPetrol), instead, all in all, the cyber activity was quite moderated as shown by the Daily Trend of Attack chart, that shows a single remarkable peak around the 3rd of July (when several primary DNS providers were the victims of DDoS attacks).

Trend June 2013

The Motivations Behind Attacks chart shows an evident predominance of Cyber Crime (with 62% of the occurrences). Please keep in mind that the stats cannot take into considerations all the attacks made under the umbrella of the so-called OpPetrol, since many attacks were considered fake or even old dumps “recycled” for this occasion. Without these attacks, hacktivism ranks at number two, well below, with the 26% of occurrences. It is also interesting the growing weight of cyber-espionage, with an 8% substantially in line with the 9% of the previous month.

Motivations June 2013

The Distribution of Attack Techniques chart is substantially in line with the previous month: SQLi leads the chart with nearly one third of the known occurrences, while DDoS ranks at number three with nearly 15%. A factor particular interesting in this chart is the growing influence of targeted attacks (11.1%) at the third rank among the known attacks, and fourth rank in general since in many cases (18.5%) it was not possible to detect the attack technique used.

Distribution June 2013

The Distribution of Target chart confirms the industry sector on top of the unwelcome attentions of the cybercrooks, immediately followed by governmental targets and essentially in line with the previous month. The news sector ranks at number three, immediately before Internet Services (as a consequence of the uncommon number of attacks reported against DNS Providers).

Target

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

May 2013 Cyber Attacks Statistics

It’s time for a drill down to the Cyber Attacks Statistics for the month of May 2013. As many readers ask, the data for the stats is derived from the corresponding Cyber Attacks Timeline.

The Daily Trend of Attacks chart shows a month double-faced. After an initial peak, the first two weeks have shown a quite low activity. The second half of the month instead has shown a revamping of the activity.

Trend May 2013

The Motivations Behind Attacks chart is maybe the most interesting thing for this month: Cyber Crime has overtaken Hacktivism at the top of the chart, but most of all, the chronicles of this month have shed light on many noticeable attacks motivated by Cyber Espionage (most of all the infiltration against Qinetiq and the compromising of most sensitive U.S. advanced weapons systems). The Cyber War between Taiwan and Philippines also influenced the chart.

Motivations May 2013

The Distribution of Attack Techniques assigns to the SQL injection the crown of the most used weapon for the month of May. DDoS is “only” at the third place with the half of occurrences. It is interesting to notice the high rate of attacks made by mean of account hijacking, at number four with the 12% of occurrences. a clear consequence of the long trail of high-profile attacks perpetrated by the Syrian Electronic Army.

Attacks May 2013

In comparison with the previous months, the Distribution of Attacks Chart “misses” the influence of the DDoS attacks against the U.S. Banks. Industrial targets lead the chart, followed at close distance by Governmental targets. Victims belonging to Organizations rank at number three at a greater distance.

Targets May 2013

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 February 2013 Cyber Attacks Statistics

February 22, 2013 1 comment

It is time for the statistics related to the Cyber Attacks occurred during the first half of January and inserted into the the corresponding timeline.

The Daily Trend of Attacks shows two major peaks, during the 3rd of February (corresponding to the wave of DDoS attacks against Egypt Governmental targets carried on in name of OpEgypt), and just at the end of the month, when the attacks in name of OpKashmir became stronger. A third peak is visible during the 8th and, not a coincidence, it is still due to hacktivism, and in particular to the so-called OpBankUnderAttack.

Daily Trend 1-15 February 2013

The Motivations Behind Attacks Chart confirms the trend consolidated in January with Hacktivism still at the top with exactly the same percentage (56%). Cyber Crime Ranks at the second please with one half of the occurrences (28%). It is interesting to notice the Cyber Espionage that has reached its higher value (9%), maybe a consequence of the hype surrounding APT that is characterizing this period. For the first time I also had to insert a new motivation: Art. Frankly I did not find any other way to explain the Democratization of the Offshore Business made by the Italian Artist Paolo Cirio.

Motivations Behind Attacks 1-15 Febrary 2013

SQL Injection keeps on leading the chart related to the Distribution Of Attack Techniques with 31% of occurrences, almost double than DDoS at the second place with 15.6%. It is particularly interesting to notice the presence of Targeted Attacks at the third place, the higher rank ever reached so far. Media hype on the wake of the clamorous attacks of the last days, or a real increased effectiveness of the technologies that allow to detect an increasingly growing number of attacks belonging to this class of threats?Distribution Of Attack Techniques 1-15 Febrary 2013

Last but not least, the Distribution of Targets Chart confirms governmental targets at the first place with nearly 30%, immediately followed by, as usual, industries (18.8%) and organizations (12.5%). In any case the level of attention of crooks is also high against targets belonging to the Financial and News sector, which steadily rank respectively at number 4 and 5 of this unwelcome chart with the 10.9% and 9.4%. The others follow….

Distribution Of Targets 1-15 February 2013

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 February 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

January 2013 Cyber Attacks Statistics

February 11, 2013 1 comment

Here are the statistics related to the Cyber Attacks included inside the January 2013 Cyber Attacks Timelines. A terrible month that has seen an unprecedented number of Cyber Attacks.

The Daily Trend Of Attacks emphasizes the peak in the second half of January, in particular the 24th has seen a surprisingly high rate due to the massive (and last, at least so far) wave of DDoS attacks against the U.S. Banks.

Daily Trend January 2013

The Motivations Behind Attacks Chart confirms the influence of hacktivism in this early 2013. More than half of the attacks (more precisely the 56%) were motivated by this reason. From this point of view the new year begins in a complete different way than 2012 when, despite the peak of attacks on the wake of the Megaupload shutdown, Cyber Crime led the chart with the 54% (against the 40% motivated by Hacktivism).

Motivations January 2013

Easily predictable, the plenty of attacks against U.S. Banks has brought the DDoS on top of the Distribution Of Attack Techniques Chart with almost the 40% of occurrences. SQLi follows closely with the 33%. It is interesting to notice the relatively high impact of Targeted Attacks (3.8%) mainly due to the sudden disclosure of (purported) Chinese Cyber Attacks against U.S. Media.

Distibution January 2013

Again, the attacks against U.S. Banks push the finance targets on top of the Distribution Of Targets Chart, ten points ahead of Governmental targets that, at least for this time, rank at the second place with the 21% of occurrences. Targets belonging to industry rank at the third place with the 13%.

Distribution Of Targets January 2013

Even in this promising 2013, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the January 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,041 other followers