Archive

Posts Tagged ‘December’

December 2014 Cyber Attacks Statistics

January 9, 2015 5 comments

CountryThe new year has just begun, and here we are with the last blog post for the 2014 just gone related to the Cyber Attacks statistics derived from the timelines of December (Part I and Part II).

As usual, the US dominate the Country Distribution Chart for all the sectors taken into consideration, well ahead all the other countries.

The Daily Trend of Attacks Chart shows a concentration of activity in the central period of the month (maybe the Christmas atmosphere is particularly inspiring for crooks). After a slow start (or better an initial decrease), the trend climbs up, remaining quite constant for about 10 days.

Daily Trend Dec 2014

Cyber Crime rules! Or at least this is what the Motivations Behind Attacks Chart states. Actually this is quite a common situation, however, what is really surprising is the percentage, boomed to a noticeable 72.6% against the 55.8% of the previous month. As a consequence all the other sectors report values, sensibly smaller than the previous month.

Motivations Dec 2014

Tbe actions of the infamous Lizard Squad have brought DDoS on top of the Attack Techniques Chart (among the known ones). For the first time equally placed with Defacements and DDoS attacks. Once again, targeted attacks rank at number four with 9.8%, substantially in line with November.

Techniques Dec 2014

For the fourth month in a row, industry ranks unchallenged on top of the Distribution of Targets chart with an unprecedented 47.9%. Governmental targets rank at number two (13.7%), while educational institutions enter the top three with 9.6%.

Targets Dec 2014

E-commerce leads the drill-down chart for the industrial targets, whereas Human Rights are on top of the corresponding chart for organizations.

Industry Drill Down Dec 2014Org Drill Down Dec 2014

As usual, the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December Cyber Attacks Timeline

January 5, 2015 Leave a comment

Despite still related to December 2014, here is the first timeline for 2015 covering the main events occurred between the 16th and 31st December 2014 (first part here).

No doubt, this Christmas will be remembered for the unwelcome surprise of the DDoS attack performed by the infamous Lizard Squad against the online services of Sony and Microsoft. An attack that has shattered the dreams of many players, just few minutes after unwrapping their brand new consoles under the Christmas Tree. However, the light that burns twice as bright burns half as long, and inevitably two members of the collective have allegedly been arrested (not before having attempted a Sybil Attack against Tor).

But the latter was not the only attack targeting the Tor anonymity service in this period, which also suffered an unexplained outage affecting a cluster of Tor Directory Authority Servers in a Rotterdam data center.

Other noticeable events concern the outage of the Internet connection in North Korea (despite it is not completely clear if caused by a cyber attack or a fault), a malware detected in a South Korea power plant, the attacks targeting the ICANN and the ISC Consortium, two among the most important organizations for the Internet, and (yet another) breach targeting NVIDIA.

Moving to a different topic, all in all the hacktivists decided to enjoy the Christmas vacations with the exception of the Syrian Electronic Army who were back, and defaced an online magazine, the International Business Time, for an article against the Syrian regime.

Last but not least, with regard to  Cyber Espionage, there have been two operations discovered in this period: an alleged attack perpetrated by Chinese hackers against an Afghan CDN targeting directly many local governmental sites, and indirectly many foreign institutions, and also the discovery of the Anunak group, a well-organized crew able to steal USD $25 Million with a long lasting cyber espionage operation against targets in Europe and the US.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December 2014 Cyber Attacks Timeline Read more…

1-15 December 2014 Cyber Attacks Timeline

December 22, 2014 Leave a comment

It’s time for the first Cyber Attacks Timeline of December (and the last for 2014).

Of course the attention of the infosec professionals is still concentrated on the devastating cyber attack against Sony happened in November (and the world as we know it, won’t be the same again), nonetheless this first 15 days have shown some remarkable events, not least the news of a breach happened earlier this year to Sony (once again), which went unreported.

At least for once, let us start from hacktivism. The hacktivists seem to be back in action: the Anonymous have taken part, directly or indirectly to several operations motivated by the racial tensions in the US (DDoS attacks against Oakland and Ontario), the raids against the Pirate Bay (leaks of Governmental emails), and the protests against the new High Speed Train line connecting Turin and Lyon (the defacement of  Official website of the Rhône-Alpes region).

A different form of hacktivism (but the border with Cyber Warfare in this case is really blurred) hit Sands Casinos earlier this year. Bloomberg has revealed that an apparent innocuous defacement happened in February was actually the mark of a more devastating attack perpetrated by Iranian hackers, who were able to wipe out all the internal clients and servers.

The Cyber Crime landscape (again maybe it should be more correct to call it Cyber Warfare) is still dominated by the outcome of the Infamous attack to Sony. Other interesting events concern the attack to an unnamed steel industry in Germany, causing physical damages, yet another wave of DDoS attacks against Sony (again!) and XboX Live, and the alleged compromise of Ars Technica requiring the registered users to change their passwords.

Last but not least, the level of state-sponsored operations is always high: at least three of them deserve to be mentioned: Operation Cleaver (allegedly backed by Iran), the resurrection of the Red October Group (Cloud Atlas or Inception) and also the discovery that the ISIS is active also in the Cyber Space, targeting a group of Syrian activists.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2014 Cyber Attacks Timeline Read more…

December 2013 Cyber Attack Statistics

January 15, 2014 Leave a comment

It’s time for the statistics derived from the Cyber Attacks Timelines of December (Part I and Part II).

As a consolidated tradition, the first chart to be shown is the Daily Attack Trend, which shows quite a constant trend with two peaks just at the beginning and at the end of the month.

December 2013 Daily Attack Trend

The Country Distribution Chart is quite monotonous: as usual the United States lead the chart (with nearly one half of the recorded attacks), well above UK (at rank number two with 8%). The other countries are quite far this month…

December 2013 Country Distribution

The Motivations Behind Attacks chart shows a clear predominance of Cyber Crime (62%) against Hacktivism (34%), a sharp increase of the first in comparison with the previous month when the values were respectively 53% and 45%.

December 2013 Motivations

Well, 28.4% of attacks into the Distribution of Attack Techniques chart are without a known origin (a sharp increase in comparison to 23.1% of the previous month). Defacements plummeted at 18.9% in comparison to 29.7% of the previous month), while DDoSes are in slight increase with 17.9% (was 15.4 one month ago). It is also interested to notice the growth of SQLi, at 12.6% against 4.4% of November.

December 2013 Distribution

Last but not least, the Distribution of Target chart, where a change at rank number one happened. In practice industry and government targets swapped their positions (with similar values in comparison to the previous month). Financial targets close the podium, leaving behind the other categories.

December 2013 Targetspng

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Enhanced by Zemanta

16-31 December 2013 Cyber Attacks Timeline

January 12, 2014 Leave a comment

Let’s give the welcome to this new infosec year with the first timeline of 2014 (or better the last of 2013) summarizing the main events occurred in the second half of December 2013.

With no doubt, this holiday season has been characterized by the Target breach, whose size is constantly growing (110 million the number of potential victims according to recent estimates). This massive incident has somehow shadowed another massive breached occurred in Turkey, were Russian hackers have allegedly been able to obtain 54 million citizens’ ID Data. With similar numbers, the 300.000 users potentially affected by the Cyber Attack involving Affinity Gaming appear risible.

Other considerable events include a Christmas Intrusion on a BBC server (with the author possibly selling the backdoor access on the underground) and yet another possible intrusion by Chinese hackers on a US target, specifically the Federal Election Commission.

Nothing particularly significant on the hacktivism front characterized by the consolidated “background noise” of events whose sizes are well far from the levels of the recent years.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December 2013 Cyber Attacks Timeline Update2 Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

December 2012 Cyber Attacks Statistics

January 9, 2013 2 comments

December (and hence this 2012) is gone, so it is time to analyze the statistics for the corresponding Cyber Attacks Timelines.

According to the Daily Trend of December, the Christmas break has not stopped the hackers. The trend is quite constant (with a decrease around the end of the month) and with a peak around the 21st of December (the alleged End of the World according to the Mayan Calendar).

Daily Trend December 2012

The Motivations Behind Attacks chart shows an inversion of tendency in comparison with November. Cyber Crime and Hacktivism had nearly the same impact with respectively the 47% and 46% of occurrences. It is also interesting the presence of Cyber Warfare and Cyber Espionage Campaigns (mainly concentrated in the East).

Motivations December 2012

Also in December, the Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection, even if with a slightly lower impact than the previous month when it was at the 52%: nearly one attack on three has been carried on with this technique. Instead, in almost one attack on four, there was not enough information. Despite the attacks by Izz ad-Din al-Qassam Cyber Fighters, the weight of DDoS is progressively decreasing (this category ranks at number four with the 17% of occurrences), while, on the other side, the number of discovered targeted attacks is growing. Maybe they are increasingly attracting the attention of Security Researchers.

Distribution December 2012Again an inversion in comparison with November: the Distribution Of Targets chart shows that in the December cyber-crooks diverted their attention for targets belonging to the Government sector, even if industries and organizations are very close (the peak of the latter is due to the campaign of the Anonymous against the Westboro Baptist Church. It is also interesting to notice the peak of attacks against Financial institutions mainly due to the waves of DDoS attacks against the U.S. Bank.

Targets December 2012

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the December Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,320 other followers