It is time for the summary of the second half of February, two weeks of remarkable cyber attacks against high-tech giants, massive breaches and Twitter Account Hijackings.
Probably the most resounding events of this period (maybe more for the high profile of the victims than for the actual effects) are the two attacks, allegedly originating from China, (with a common root cause, the compromising of an iPhone developer forum) carried on against Apple and Microsoft.
But not only the two high-tech giants, other illustrious victims have fallen under the blows of hacktivists and cyber criminals. The list is quite long and includes Bank of America, American Express, Casio, ZenDesk, cPanel, Central Hudson Gas & Electric Corporation, etc.).
Last but not least, the unprecedented trail of Cyber attack against Twitter Profile belonging to single individuals (see Donald Trump) or Corporations (Burger King and Jeep). Maybe it is time to change the passwords…
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
A special thanks to Kim Guldberg AKA @bufferzone for continuously advising me about significant cyber events through the Submit Form! Much Appreciated!
Here is the summary of the Cyber Attacks Timeline for February. A month that will probably be remembered for the “sophisticated” cyber attacks to the two main social networks: Facebook and Twitter.
But the attacks against the two major social networks were not the only remarkable events of this period. Other governmental and industrial high-profile targets have fallen under the blows of (state-sponsored) cyber criminals: the list of the governmental targets is led by the U.S. Department of Energy and the Japan Ministry of Foreign Affairs, while Bit9, a primary security firm, was also targeted, leading the chart of Industrial targets.
Hacktivists have raised the bar and breached the Federal Reserve, leaking the details of 4,000 U.S. Banks executives. Similarly, the Bush family was also targeted, suffering the leak of private emails.
Even if the list is not as long as the one of January, it includes other important targets, so, scroll it down to have an idea of how fragile our data are inside the cyberspace. Also have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.
Yet another Sunday, yet another attack in Middle East.
Maher Center, the Iranian Computer Emergency Response Team / Coordination Center has just released a scant report concerning another (alleged) cyber attack targeting Iran.
Few information is available so far regarding this new targeted attack. The malware, simple in design and hence apparently unrelated to the other sophisticated cyber attacks targeting the same area, seems to have an efficient design and wiping features. According to the statement, the malware “wipes files on different drives in various predefined times. Despite its simplicity in design, the malware is efficient and can wipe disk partitions and user profile directories without being recognized by anti-virus software“. However, it is not considered to be widely distributed. The report also publishes the MD5s of the five identitified components.
Wiper malware samples are becoming increasingly common in Middle East. Of course the most known example so far is the massive cyber attack targeting Saudi Aramco, occurred in August 2012 and targeting 30,000 internal workstations. Few days ago, the final results of the investigations were unveiled, suggesting that the attack was carried on by organized foreign hackers, and aimed “to stop pumping oil and gas to domestic and international markets” with huge impacts on the national economy of the kingdom.
The next hours will tell us if we are in front of a similar scenario, or the statement is rather an attempt of propaganda aimed to emphasize Iranian defensive capabilities.