About these ads

Archive

Posts Tagged ‘Hacktivism’

May 2013 Cyber Attacks Statistics

It’s time for a drill down to the Cyber Attacks Statistics for the month of May 2013. As many readers ask, the data for the stats is derived from the corresponding Cyber Attacks Timeline.

The Daily Trend of Attacks chart shows a month double-faced. After an initial peak, the first two weeks have shown a quite low activity. The second half of the month instead has shown a revamping of the activity.

Trend May 2013

The Motivations Behind Attacks chart is maybe the most interesting thing for this month: Cyber Crime has overtaken Hacktivism at the top of the chart, but most of all, the chronicles of this month have shed light on many noticeable attacks motivated by Cyber Espionage (most of all the infiltration against Qinetiq and the compromising of most sensitive U.S. advanced weapons systems). The Cyber War between Taiwan and Philippines also influenced the chart.

Motivations May 2013

The Distribution of Attack Techniques assigns to the SQL injection the crown of the most used weapon for the month of May. DDoS is “only” at the third place with the half of occurrences. It is interesting to notice the high rate of attacks made by mean of account hijacking, at number four with the 12% of occurrences. a clear consequence of the long trail of high-profile attacks perpetrated by the Syrian Electronic Army.

Attacks May 2013

In comparison with the previous months, the Distribution of Attacks Chart “misses” the influence of the DDoS attacks against the U.S. Banks. Industrial targets lead the chart, followed at close distance by Governmental targets. Victims belonging to Organizations rank at number three at a greater distance.

Targets May 2013

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

15-31 May 2013 Cyber Attacks Timeline

And here we are with the second part of the Cyber Attacks Timeline for May (first part here).

The second half of the month has shown an unusual activity with several high-profile breaches motivated by Cyber-Crime or Hacktivism, but also with the disclosure of massive Cyber-Espionage operations.

The unwelcome prize for the “Breach of the Month” is for Yahoo! Japan, that suffered the possible compromising of 22 million users (but in general this was an hard month for the Far East considering that also Groupon Taiwan suffered an illegitimate attempt to access the data of its 4.1 million of customers).

On the cyber-espionage front, the leading role is for the Chinese cyber army, accused of compromising the secret plans of advanced weapons systems from the U.S. and the secret plans for the new headquarter of the Australian Security Intelligence Organization.

On the Hacktivism front, this month has been particularly troubled for the South African Police, whose web site has been hacked with the compromising of 16,000 individuals, including 15,700 whistle-bowlers.

Other noticeable events include the unauthorized access against the well known open source CMS Drupal (causing the reset of 1 million of passwords), the trail of hijacked Twitter accounts by the Syrian Electronic Army and also an unprecedented wave of attacks against targets belonging to Automotive.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

May 2013 Cyber Attacks Timeline Part II Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1-15 February 2013 Cyber Attacks Statistics

February 22, 2013 1 comment

It is time for the statistics related to the Cyber Attacks occurred during the first half of January and inserted into the the corresponding timeline.

The Daily Trend of Attacks shows two major peaks, during the 3rd of February (corresponding to the wave of DDoS attacks against Egypt Governmental targets carried on in name of OpEgypt), and just at the end of the month, when the attacks in name of OpKashmir became stronger. A third peak is visible during the 8th and, not a coincidence, it is still due to hacktivism, and in particular to the so-called OpBankUnderAttack.

Daily Trend 1-15 February 2013

The Motivations Behind Attacks Chart confirms the trend consolidated in January with Hacktivism still at the top with exactly the same percentage (56%). Cyber Crime Ranks at the second please with one half of the occurrences (28%). It is interesting to notice the Cyber Espionage that has reached its higher value (9%), maybe a consequence of the hype surrounding APT that is characterizing this period. For the first time I also had to insert a new motivation: Art. Frankly I did not find any other way to explain the Democratization of the Offshore Business made by the Italian Artist Paolo Cirio.

Motivations Behind Attacks 1-15 Febrary 2013

SQL Injection keeps on leading the chart related to the Distribution Of Attack Techniques with 31% of occurrences, almost double than DDoS at the second place with 15.6%. It is particularly interesting to notice the presence of Targeted Attacks at the third place, the higher rank ever reached so far. Media hype on the wake of the clamorous attacks of the last days, or a real increased effectiveness of the technologies that allow to detect an increasingly growing number of attacks belonging to this class of threats?Distribution Of Attack Techniques 1-15 Febrary 2013

Last but not least, the Distribution of Targets Chart confirms governmental targets at the first place with nearly 30%, immediately followed by, as usual, industries (18.8%) and organizations (12.5%). In any case the level of attention of crooks is also high against targets belonging to the Financial and News sector, which steadily rank respectively at number 4 and 5 of this unwelcome chart with the 10.9% and 9.4%. The others follow….

Distribution Of Targets 1-15 February 2013

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 February 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-16 February 2013 Cyber Attacks Timeline

February 18, 2013 3 comments

Here is the summary of the Cyber Attacks Timeline for February. A month that will probably be remembered for the “sophisticated” cyber attacks to the two main social networks: Facebook and Twitter.

But the attacks against the two major social networks were not the only remarkable events of this period. Other governmental and industrial high-profile targets have fallen under the blows of (state-sponsored) cyber criminals: the list of the governmental targets is led by the U.S. Department of Energy and the Japan Ministry of Foreign Affairs, while Bit9, a primary security firm, was also targeted, leading the chart of Industrial targets.

Hacktivists have raised the bar and breached the Federal Reserve, leaking the details of 4,000 U.S. Banks executives. Similarly, the Bush family was also targeted, suffering the leak of private emails.

Even if the list is not as long as the one of January, it includes other important targets, so, scroll it down to have an idea of how fragile our data are inside the cyberspace. Also have a look at the timelines of the main Cyber Attacks in 2011, 20122013, and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-16 February 2013 Cyber Attacks Timeline

Read more…

January 2013 Cyber Attacks Statistics

February 11, 2013 1 comment

Here are the statistics related to the Cyber Attacks included inside the January 2013 Cyber Attacks Timelines. A terrible month that has seen an unprecedented number of Cyber Attacks.

The Daily Trend Of Attacks emphasizes the peak in the second half of January, in particular the 24th has seen a surprisingly high rate due to the massive (and last, at least so far) wave of DDoS attacks against the U.S. Banks.

Daily Trend January 2013

The Motivations Behind Attacks Chart confirms the influence of hacktivism in this early 2013. More than half of the attacks (more precisely the 56%) were motivated by this reason. From this point of view the new year begins in a complete different way than 2012 when, despite the peak of attacks on the wake of the Megaupload shutdown, Cyber Crime led the chart with the 54% (against the 40% motivated by Hacktivism).

Motivations January 2013

Easily predictable, the plenty of attacks against U.S. Banks has brought the DDoS on top of the Distribution Of Attack Techniques Chart with almost the 40% of occurrences. SQLi follows closely with the 33%. It is interesting to notice the relatively high impact of Targeted Attacks (3.8%) mainly due to the sudden disclosure of (purported) Chinese Cyber Attacks against U.S. Media.

Distibution January 2013

Again, the attacks against U.S. Banks push the finance targets on top of the Distribution Of Targets Chart, ten points ahead of Governmental targets that, at least for this time, rank at the second place with the 21% of occurrences. Targets belonging to industry rank at the third place with the 13%.

Distribution Of Targets January 2013

Even in this promising 2013, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the January 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 January 2013 Cyber Attacks Statistics

January 20, 2013 Leave a comment

Here are the statistics for the Cyber Attacks occurred in the first half of January 2013 and included inside the corresponding Cyber Attack Timeline.

The Daily Trend of January shows a couple of peaks in correspondence of the 3rd and the 10th of January, during the DDoS attacks of the Izz ad-Din al-Qassam Cyber Fighters (another minor peak occurred during the 8th of January. On average the sample included 4.67 attacks per day.

1-15 Jan 2013 Daily Trend

Even the attack by the Islamist collective contributed to the overtake of the hacktivism against cyber crime shown in the Motivations Behind Attacks chart. One attack on two of the sample was done for this purpose, even if the authors with different connotations: from the protests against the infamous video “The Innocence of Muslims”, to the retaliation for the suicide of Aaron Swartz, going through the different operations carried on by the Anonymous.

1-15 Jan 2013 Motivations

In any case, the Distribution of Attack Techniques chart shows frequency of DDoS Attacks did not prevent the SQL Injection of being the preferred weapon for cybercrooks with the 35% of occurrences. DDoS is immediately behind with the 27% of occurrences.

1-15 Jan 2013 Distribution

However, the Distribution Of Targets chart shows that targets belonging to finance were the most preferred in this period with the 25% of preferences, certainly a consequence of the wave of DDoS attacks against US Banks. Governmental targets are very close with the 24% of occurrences. Industry targets complete the podium with the 13%, just before targets belonging to Organizations and Education, respectively with the 8% and 7%.

1-15 Jan 2013 Targets

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 January 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

 

1-15 January 2013 Cyber Attacks Timeline

January 17, 2013 4 comments

So here we are with the first Cyber Attacks Timeline for 2013 covering the first half of January.

Apparently the new year has begun with an intense activity by Cyber Crooks. Hacktivists and Cyber Criminals had many time to spend in front of their keyboards during the holiday break, and as a consequence the number of breaches with more than 10.000 accounts compromised is incredibly high. WWF China, the City of Steubenville, Ohio and The German Chamber of Commerce are only three examples of institutions that suffered massive breaches during the beginning of this year.

But the massive breaches are not the only remarkable events of this period: the waves of DDoS Attacks against US banks continued (and promise to extend also in the next weeks), Kaspersky Lab discovered a new massive Cyber Espionage Campaign dubbed “Red October”, and also the Japan Farm Ministry was hit by yet another Cyber Attack, allegedly originating from China…

If this is only the beginning… 2013 promises to be pretty much troubled for system administrators…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-15 January 2013 Cyber Attacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Follow

Get every new post delivered to your Inbox.

Join 3,041 other followers