About these ads

Archive

Posts Tagged ‘Egypt’

16-31 January 2013 Cyber Attacks Timeline

February 7, 2013 1 comment

Two Weeks Living Dangerously! I have no other words to describe this second half of January (first two weeks here) that has shown an unprecedented level of attacks! And if a good day starts with the morning, this will be a very troubled year from an information security perspective.

Not only the peaks of DDoS attacks against the US Banks have reached an unstoppable peak, but, most of all, at the end of the month details have been unveiled about a massive cyber-espionage campaign allegedly orchestrated by Chinese hackers against some major US media including The New York Times, The Wall Street Journal, The Washington Post and Bloomberg News.

A very very long list of targets this month, with some high profile victims such as the U.S. Sentencing Commission, whose web site has been hacked twice and turned into an Asteroid game, but also Renault Argentina that suffered 37,000 accounts leaked.

To summarize this month is really impossible, you just have to scroll down the timeline to realize the hacking spree in this January 2013.

If this trend continues, I will have to decrease the frequency of publication…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

16-31 January 2013 Cyber Attacks Timeline

Read more…

About these ads
Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1-15 December 2012 Cyber Attacks Timeline

December 17, 2012 2 comments

Christmas is coming quickly, we have just passed the first half of December, and hence it’s time for the first update of the Cyber Attacks Timeline for December.

The Team GhostShell has decided to close the year with a clamorous Cyber Attack, and hence,as part of the project ProjectWhiteFox, has leaked 1.6 million of accounts from several organizations all over the world. This is the most important event for this first part of the month that apparently has shown a decreasing trend. Hacktivists are still focusing their attention (and their keyboards) to Israel, and Cyber Criminals are maybe preparing for the Christmas attacks.

However, the main events of the first half of December, are related to hacktivism, besides the above mentioned cyber attack, it worth to mention the new wave of massive DDoS attacks against US Banks (up to 60 Gbps of peak according to Arbor Networks), but also the leak of a ITU document on the future of Deep Packet Inspection and the attacks in Egypt, Mexico and India.

Last but not least: this two weeks also offered a giant attack to the famous Social Platform Tumblr and also the warning of the Switzerland’s national security agency (NDB) that a huge amount of secrets may have been leaked by a disgruntled IT Administrator.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-15 December 2012 Cyber Attack Timeline Read more…

16-30 September 2012 Cyber Attacks Timeline

October 4, 2012 2 comments

Part One with 1-15 September 201 Timeline Here.

September is over and it’s time to analyze this month from an Information Security perspective with the second part of the Cyber Attack Timeline.

Probably this month will be remembered for the massive outage of six  U.S. Banks (Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC ) caused by a wave of DDoS attack carried on by alleged Muslim hackers in retaliation for the infamous movie (maybe this term is exaggerated) “The Innocence of Muslims”.

China has confirmed its intense activity inside the Cyber space. Alleged (state-sponsored?) Chinese hackers were allegedly behind the attack to Telvent, whose project files of its core product OASyS SCADA were stolen after a breach, and also behind a thwarted spear-phishing cyber attack against the White House.

Adobe suffered a high-profile breach which caused a build server to be compromised with the consequent theft of a certificate key used to sign two malware strains found on the wild (with the consequent necessary revoke of the compromised key affecting approximately 1,100 files).

Last but not least, the Hacktivism fever has apparently dropped. September has offered some attacks on the wake of the #OpFreeAssange campaign, and a new wave of attacks at the end of the month after the global protests set for September, the 29th, under the hashtag of #29s.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

February 2012 Cyber Attacks Timeline (Part I)

February 16, 2012 1 comment

February 2012 brings a new domain for my blog (it’s just a hackmaggedon) and confirms the trend of January with a constant and unprecedented increase in number and complexity of the events. Driven by the echo of the ACTA movement, the Anonymous have performed a massive wave of attacks, resuming the old habits of targeting Law Enforcement agencies. From this point of view, this month has registered several remarkable events among which the hacking of a conf call between the FBI and Scotland Yard and the takedown of the Homeland Security and the CIA Web sites.

The Hacktivism front has been very hot as well, with attacks in Europe and Syria (with the presidential e-mail hacked) and even against United Nations (once again) and NASDAQ Stock Exchange.

Scroll down the list and enjoy to discover the (too) many illustrious victims including Intel, Microsoft, Foxconn and Philips. After the jump you find all the references and do not forget to follow @paulsparrows for the latest updates. Also have a look to the Middle East Cyberwar Timeline, and the master indexes for 2011 and 2012 Cyber Attacks.

Addendum: of course it is impossible to keep count of the huge amount of sites attacked or defaced as an aftermath of the Anti ACTA movements. In any case I suggest you a couple of links that mat be really helpful:

Read more…

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

December 2011 Cyber Attacks Timeline (Part II)

December 30, 2011 2 comments

This infamous 2011 is nearly gone and here it is the last post for this year concerning the 2011 Cyber Attacks Timeline. As you will soon see from an infosec perspective this month has been characterized by two main events: the LulzXmas with its terrible Stratfor hack (whose effects are still ongoing with the recent release of 860,000 accounts), and an unprecented wave of breaches in China which led to the dump of nearly 88 million of users for a theoretical cost of nearly $19 million (yes the Sony brech is close). For the rest an endless cyberwar between India and Pakistan, some hactivism and (unfortunately) the usual amounts of “minor” breaches and defacement. After the page break you find all the references.

Last but not least… This post is my very personal way to wish you a happy new infosec year.

Read more…

Anonymous vs Syrian Electronic Soldiers

September 28, 2011 2 comments

Hactivism is making possible to bring wars and revolutions on the cyberspace, the fifth domain of war. In particular the Arab Spring has given the definitive consecration to politically driven hacking actions that have proven to be a key factor inside the protests that are changing the political landscape in the Middle East: non conventional weapons used together with “traditional” methods by both parties involved on revolutions: cyber-opponents vs cyber-supporters.

Tunisia has been the first example of this new way to provide backing to social protests: at the beginning of 2011 the Anonymous activists targeted Tunisian government sites. It was the 4th of January and this action (or Operation quoting the same term used by the Anonymous) showed to the world the real, political and social power of the Cyber warfare.

Few days later (June, 26th 2011) the same fate befell to Egypt: government sites were targeted with DDOS attacks which contributed to draw attention to ongoing protests which led to the fall of President Mubarak.

Following the wake of the Arab spring, the Anonymous also took position in the Libyan Revolution declaring their engagement with the rebels. Although, from an information security perspective, no practical consequence followed this statement, it had a huge symbolic significance, since in a clear and decisive manner, an hacker crew crossed the boundary of the cyberspace and took position on a social and political event even before performing any hacking acton.

But in Syria the revolution fought in the fifth domain has reached its “bloody” peak. On August, the 7th 2011 the Anonymous targeted the Syrian Ministry of Defense with a resounding defacement. A couple of days later, in retaliation of the previous defacement, the Syrian Electronic Soldiers defaced Anonplus, the Anonymous Social Network, that had already been, a couple of weeks before, the target of a defacement performed by the same Syrian Crew.

But the “war inside the war” fought between the two groups does not stop here: following the bloody events in Syria, on Sunday, 25th of September, the Anonymous decided to open again the hostilities unleashing a chain of defacement action, against the Syrian Government, hacking and defacing the official sites of seven major Syrian cities, which stayed up in their defaced version for more than 16 hours. The defacement actions kept on the following day in which 11 Syrian Government Sites were defaced as part of the same operation.

Of course a retaliation of the Syrian Electronic Soldier was predictable (and close in time) and targeted, in an unexpected manner, one of the most important US Universities, the University of Harvard which was victim of a resounding defacement on Monday, the 26th of September.

So far the two Cyber Armies have shown an unprecedented impetus in countering their respective acts of cyberwar. Probably the story will not end up here and, most of all, we will have to get used to watch the wars and the revolutions on a double perspective involving real battlefields and virtual battlefields. The problem here is that information security professionals and system administrators are not likely to be mere spectators, but the real soldiers of this non conventional war.

Switch Off The Revolution (With An Infrared Sensor)

Just a couple of months ago, in writing the first post about Mobile Warfare (which should have later become Consumerization of Warfare) I expressed some considerations about the growing need for illiberal government to prevent the use of mobile devices as preferred media for the rioters to capture live images of the events, and to spread the information all around the Globe by mean of Social Networks.

Cutting off the Internet has been the first clumsy countermeasure applied by Egypt and Syria, but it is really unlikely that this kind of massive preventive block will be applied again by other countries because of the huge dependence of Internet, which characterizes our epoch, and consequently, as a collateral damage, would stop other vital activities.

As a consequence, I hypothesized that possible future countermeasures will aim to make unusable directly the source of information (read mobile devices), and the media for sharing them (read social networks), relying upon a new generation of Cyber-warfare among which:

A massive Denial of Service for mobile devices through massive exploit of vulnerabilities (more and more common and pervasive on this kind of devices), through massive mobile malware deployment or also by mean of massive execution of mobile malware (as, for instance, Google did in order to remotely swipe the DroidDream malware). Honestly speaking I consider the latter option the less likely since I can easily imagine that no manufacturer will provide cooperation on this (but this does not prevent the fact that a single country could consider to leverage this channel).

No manufacturer will provide cooperation on this? Maybe… Too many times reality surpasses imagination, and when it comes to reality that surpasses the imagination, then surely it comes from Apple. This time, unfortunately, not in the sense that we’re used to (admiring products years ahead of the competition, which previously did not exist not even in our imagination), but in the sense that a patent recently filled by Apple could implicitly provide cooperation for illiberal governments to prevent smartphones to take live images of protests.

It looks like that Apple is Apple is developing software that will sense when a smartphone user is trying to record a live event, and then switch off the device’s camera (only the camera, the other functions will not be affected) by mean of infrared sensors directly installed on the device. The real reason is probably the need to prevent concertgoers to post footage of events on YouTube or other similar sites (at the expense of the organizers which sometimes sell sell their own recordings of the events), which could potentially allow Apple to negotiate better conditions with labels when dealing for placing music on sale on iTunes (and could also potentially provide another source of revenue by charging people to film live events).

But besides commercial considerations, there is another important aspect (a collateral damage I would say). The events of recent months have shown us that the concerts were not the only places where the phones have been used to capture live images. In North Africa and Middle East they have been used to document repression and illiberality. But what would have happened if this technology had really been developed? Probably it would have limited the effect of the winds of change in Tunisia, Egypt, Syria and Libya, since Mobile Devices (and their cameras) played (and are playing) an important role to witness the real entity of the events.

Imagine if Apple’s device had been available to the Mubarak regime earlier this year, and Egyptian security forces had deployed it around Tahrir Square to disable cameras just before they sent in their thugs to disperse the crowd.

Would the global outcry that helped drive Mubarak from office have occurred if a blackout of protest videos had prevented us from viewing the crackdown?

This is more than speculation. since thousands of cellphone cameras in the Middle East and North Africa have been used to document human rights abuses and to share them with millions via social media. I went in Libya approximately a month before the beginning of the revolution and I was astonished by the number of iPhones noticed over there.

This is more than speculation also because the role of mobile technologies for the above mentioned events has been recognized also by Mr. Obama during his speech on Middle East.

As correctly stated, Smartphones like the iPhone and Droid are becoming extensions of ourselves. They are not simply tools to connect with friends and family, but a means to document the world around us, engage in political issues and organize with others. They literally put the power of the media in our own hands.

Apple’s proposed technology would take that power away, that is the reason why the community is moving in order to urge Steve Jobs to pull the plug on this technology.

Internet In A Suitcase

June 13, 2011 2 comments

According to a NYT article, this is exactly what the Obama Administration is doing, leading a global effort to deploy a “shadow” Internet and an independent mobile phone network that dissidents can use against repressive governments that seek to silence them by censoring or shutting down telecommunications networks (as happened in Egypt and Syria).

More in detail the above mentioned effort include secretive projects to create independent cellphone networks inside foreign countries, as well as an “Internet in a suitcase” prototype, financed with a $2 million State Department grant, which could be secreted across a border and quickly set up to allow wireless communication over a wide area with a link to the global Internet. In a sort of 21st century version of Radio Free Europe relying on a version of “mesh network” technology, which can transform devices like cellphones or personal computers to create an invisible wireless web without a centralized hub

If one puts together the pieces of the puzzles of the last events, one clearly realizes that the ingredients were already on the pot and now are being mixed in the right dosage for a recipe of freedom.

On the other hand the importance of the Internet Connectivity (in terms of presence or absence) in War Zones is unquestionable. And this is brilliantly shown from the fact that we are getting more and more familiar with the shutting down of Internet connectivity as a clumsy attempt carried out by some governments for preventing the spreading of unwelcome information and the consequent use of Social Networks for propaganda, PsyOps or real War Operations. Of course I already talked about special groups of US Army, which I dubbed “Corps of (Networks and Security) Engineers” dedicated to maintain Internet connectivity in war zones by mean of 3G or Wi-Fi drones. It looks like I was only partially right since the reality seems much closer to a spy novel featuring special agents equipped with Internet suitcases rather than soulless drones equipped with antennas.

Same speech for mobile technologies: United States officials said, the State Department and Pentagon have spent at least $50 million to create an independent cellphone network in Afghanistan using towers on protected military bases inside the country in order to offset the Taliban’s ability to shut down the official Afghan services. More recently, a similar action was performed in Libya, with the hijacking of the Libyana Mobile Operator Network to be used by rebels groups to communicate between them. Clearly these were not episodic cases but the first examples of a real mobile warfare strategy aimed to maintain mobile connectivity (videos shot with mobile phones are a point in common of all the protests in Maghreb and Middle East) without clumsy actions such as the smuggling of Satellite Phones in Syria.

In light of these facts, Mr. Obama’s speech on the Middle East on May, the 19th assumes a new meaning and a deeper analysis shows that some prodromes of this strategy were already announced, even if in a hidden form:

Cell phones and social networks allow young people to connect and organize like never before. A new generation has emerged. And their voices tell us that change cannot be denied…

And again:

In fact, real reform will not come at the ballot box alone. Through our efforts we must support those basic rights to speak your mind and access information. We will support open access to the Internet.

Open support to Internet… Even if closed inside a suitcase…

Tweets Of Democracy

May 19, 2011 7 comments
Official presidential portrait of Barack Obama...

Image via Wikipedia

Today President Obama held his speech on the Middle East announcing a new strategy (and new investments) for the Middle East aimed to encourage the process of Democratization in place. I gave a look to the entire speech and noticed some assertions particularly meaningful which implicitly admit the crucial role that new technologies played in the past months (and will probably play into this kind of new Middle East Mashall Plan) as triggers (and drivers) for backing the fights for human rights.

I used the term Mobile Warfare to stress the role that (consumer) mobile technologies and social networks played in the events that changed the social and political landscape in the Mediterranean Africa and more in general in the Middle East, coming to conclusion that the impact of these new technologies is defining a new democracy model which will have to be taken seriously into consideration by all those governments which still put in place severe limitations to human rights.

So, I was definitively not surprised when I noticed this assertion on Mr. Obama’s speech:

… But the events of the past six months show us that strategies of repression and diversion won’t work anymore. Satellite television and the Internet provide a window into the wider world – a world of astonishing progress in places like India, Indonesia and Brazil. Cell phones and social networks allow young people to connect and organize like never before. A new generation has emerged. And their voices tell us that change cannot be denied…

Which implicitly admits the role of Mobile Warfare: strategies of repression and diversion will not work anymore and the weapons to fight repression are just Cell Phones and Social Networks with which young people (usually most involved in the protests) can connect and not only organize life like never before but also realize that there is a world  outside the window…  On the other hand, particularly in case of Egypt, Social Network literally played a primary role in the protest, since one of the leaders was Mr. Wael Ghonim (expressly quoted by Mr. Obama’speech), a young Google Executive.

And the freedom is not only a matter of elections but also of access to new technologies:

In fact, real reform will not come at the ballot box alone. Through our efforts we must support those basic rights to speak your mind and access information. We will support open access to the Internet, and the right of journalists to be heard – whether it’s a big news organization or a blogger. In the 21st century, information is power; the truth cannot be hidden; and the legitimacy of governments will ultimately depend on active and informed citizens.

This implies that the plan that U.S. and E.U. are going to deploy for the Middle East (a comprehensive Trade and Investment Partnership Initiative in the Middle East and North Africa) will also involve funding aimed to promote the access to new technologies for facilitating the sharing of information (and the conseguent hactivism and psyops operations), a factor which the recent events have shown to become synonym of democracy. Also because, according to Cisco predictions, if in 2010 there were 12.5 billion devices connected to the Internet, there will be 25 billion by 2015, and 50 billion by 2020, and consequently it is really hard to think that filters, blocks and any other form of (social, political and technological) repression in the Middle East will stop this tide.

Follow

Get every new post delivered to your Inbox.

Join 2,714 other followers