About these ads

Archive

Posts Tagged ‘Israel’

1-15 November 2012 Cyber Attacks Timeline

November 19, 2012 1 comment

The first half of November 2012 has been undoubtedly characterized by Hacktivism. Not only the month has begun with the ProjectBlackStar by the infamous Team Ghostshell (2.5 million accounts leaked belonging to different Russian sectors), but also the long-awaited November 5 has brought an unprecedented wave of Cyber Attacks against organizations all over the world, including Symantec and the UK Ministry Of Defence (more than 3,000 accounts leaked in both cases).

Moreover, after the dramatic event of the 14th of November (the killing of Ahmed Al-Jaabari, the commander of the military wing of Hamas by an Israeli missile and the consequent Operation “Pillar Of Defense”), the Anonymous have started a massive campaign of Cyber Attacks against Israel sites and in support of Palestine. This campaign is still ongoing even if it is really impossible to track all the attacks (nearly 700 defaced web sites so far), and hence, as far as possible, only a general overview is provided.

Of course these events have shadowed the other attacks, including the ones to LG (3,300 accounts leaked in two different cyber attacks) and Adobe (150,000 records allegedly compromised).

The chronicles also report of an alleged cyber attack against Telecom Italia (30,000 accounts allegedly leaked), even if there several doubts about the real authenticity of this attack.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

About these ads
Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

OpIsrael Confirms the Cyber-space is the Fifth Domain of War

November 18, 2012 1 comment

The Israeli Cyber Space is under attack by Anonymous hackers in retaliation for the Israeli operation “Pillar of Defence“. The military operation began on Wednesday with the killing of Ahmed Al-Jaabari, the commander of the military wing of Hamas, whose car has been hit by an Israeli Missile

If Hamas’s armed wing, immediately after the attack, replied that “The occupation has opened the gates of hell”, the ongoing wave of cyber-attacks against Israeli sites initiated by the Anonymous collective (under the so-called OpIsrael), has analogously opened the gates of hell in the cyber-space.

So far the Anonymous claim that more than 660 websites have been defaced and nearly 90 completely deleted (including the Bank Of Jerusalem), and the list keeps on growing as the cyber-offensive continues (just follow the #OpIsrael hashtag on Twitter). Israel  is suffering a growing number of DDoS and SQLi attacks against governmental, retail, and business targets resulting in sites down, data dump and, in the worst cases, databases completely erased. Interestingly, this wave of cyber-attacks has also deserved the attention of the “semi-official” Iranian news agency Fars News, which has dedicated an article to the Anonymous Hacks.

In the past four days, Israel claims to have deflected 44 million cyber-attacks.

Definitely the cyber-space is the fifth domain of war and this sad circumstance is confirming this assertion, not so much for the cyber-attacks (Anonymous cannot be considered an army), but mostly for other aspects typical of real wars that has been applied to the cyber-space.

In response to the Israeli threat to cut Internet off from Gaza, the Anonymous have put together the Anonymous Gaza Care Package a kind of first-aid kit containing instructions in Arabic and English to survive an Internet teardown and to evade IDF surveillance.

On the opposite side, the Israeli Defence Force has released a tool on its blog, called IDF Ranks, that rewards with badges frequent visitors who interact with the site. The scope, according to IDF, is “to help fight the misinformation about Israel and the IDF online”. A clear attempt to use the cyber-space for propaganda.

New Waves of Cyber Attacks in Middle East

October 9, 2012 Leave a comment

The infosec chronicle has offered many interesting events in this first part of October. Upon all, the massive leak against top 100 universities by the infamous Team GhostShell, the Skype worm, and, last but not least, the U.S. congressional report accusing China’s leading telecom equipment makers, Huawei and ZTE, of being a potential security risk.

Inevitably these events are obfuscating what’s going on in Middle East where Iran, on one hand, is facing the latest wave of Cyber Attacks against its internal assets, and on the other hand, claims to have infiltrated the “most sensitive enemy cyber data”.

This hot autumn for the Middle East has begun on September 30 (approximately one week after Iran connected all its government agencies to its secure autarchic domestic internet service). In that circumstance Iranian Rear Admiral Ali Fadavi announced a clamorous cyber strike of his navy’s cyber corps, being able to “infiltrate the enemy’s most sensitive information” and successfully promote “cyberwar code,” i.e. decrypt highly classified data.

Ali Fadavi did not specify the name of any particular enemy, but simply referred to “imperialistic domination,” a clear reference to Iran’s “enmity with America.”

Maybe is a coincidence, or maybe not, but on October 3 Iran has suffered a massive outage of its Internet infrastructure, at least according to what Mehdi Akhavan Behabadi, secretary of the High Council of Cyberspace, has declared to the Iranian Labour News Agency. An outage that the Iranian official has attributed to a heavy organized attack against the country’s nuclear, oil, and information networks, which forced to limit the usage of the Internet.

The latest (?) episode a couple of days ago, on October 8, when Mohammad Reza Golshani, head of information technology for the Iranian Offshore Oil Company, told Iran’s Mehr news agency that an unsuccessful (i.e. repelled by Iranian Experts) cyber attack had targeted the company platforms’ information networks in the past few weeks. I wonder if we are in front of a new Flame. In any case, according to Mr. Golshani there were few doubts about the authors of the attack.

“This attack was planned by the regime occupying Jerusalem (Israel) and a few other countries”.

Few hours later Iran has officially blamed Israel and China for planning and operating the attack.

It is not a mystery that the Stuxnet attack forced Iran to tighten its cyber security, a strategy culminating on the creation of a domestic Internet separated from the outer world (a way to control the access to the Web according to many observers).

For sure it is not a coincidence that the same network separation is the main reason why Iran was able to repel the latest attacks.

My sixth sense (and half) tells me that other occasions to test the cyber security of the Iranian domestic Internet will come soon!

16-30 September 2012 Cyber Attacks Timeline

October 4, 2012 2 comments

Part One with 1-15 September 201 Timeline Here.

September is over and it’s time to analyze this month from an Information Security perspective with the second part of the Cyber Attack Timeline.

Probably this month will be remembered for the massive outage of six  U.S. Banks (Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC ) caused by a wave of DDoS attack carried on by alleged Muslim hackers in retaliation for the infamous movie (maybe this term is exaggerated) “The Innocence of Muslims”.

China has confirmed its intense activity inside the Cyber space. Alleged (state-sponsored?) Chinese hackers were allegedly behind the attack to Telvent, whose project files of its core product OASyS SCADA were stolen after a breach, and also behind a thwarted spear-phishing cyber attack against the White House.

Adobe suffered a high-profile breach which caused a build server to be compromised with the consequent theft of a certificate key used to sign two malware strains found on the wild (with the consequent necessary revoke of the compromised key affecting approximately 1,100 files).

Last but not least, the Hacktivism fever has apparently dropped. September has offered some attacks on the wake of the #OpFreeAssange campaign, and a new wave of attacks at the end of the month after the global protests set for September, the 29th, under the hashtag of #29s.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Cyber Battle in Middle East Continues…

September 20, 2012 Leave a comment

In the last wave, Yourikan has taken down 106 Iranian sites, defacing them with a message against the Nuclear Strategy of Iran.

He also claims to have deleted the backend databases.

This is only the latest occurrence of the mutual attacks between the two cyber factions. My sixth sense and one half tells me that more are to come…

After the jump you find the complete list (at the time of writing, in many cases the defaced pages have already been removed).

Read more…

16 – 31 August 2012 Cyber Attacks Timeline

September 5, 2012 Leave a comment

Here the first part with the timeline from 1 to 15 August 2012.

Here we are with the second part of the August 2012 Cyber Attacks Timeline. A second part of the month that has been characterized by hacktivism, most of all because of the so-called OperationFreeAssange, which has targeted many high-profile websites.

Among the targets of the month, Philips has been particularly “unlucky”. The Dutch giant has been the victim of three Cyber Attacks, even if there are several doubts about the authenticity of the hacks.

But maybe the biggest operation of the month is the #ProjectHellFire, carried on by the collective @TeamGhostShell, that has unleashed something as 1 million of accounts belonging to different sectors (banks, government agencies, consulting firms, law enforcement and the CIA). And the group promises new action for this Fall and Winter.

The Middle East confirms to be very hot, with a new Cyber Attack, probably another occurrence of Shamoon, targeting RasGas, yet another Oil Company.

Just one note: of course it is impossible to track all the targets of the #OpFreeAssange. You can find a complete list at cyberwarnews.info.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Winds Of Cyber War From The Middle East

August 8, 2012 3 comments

Approximately a couple of weeks ago, an Israeli hacker called You-r!-k@n, one of the early contenders of the Middle East Cyber War, had defaced the Iran Energy Water Website. The attack was claimed as a form of cyber protest (and cyber retaliation) against Iranian institutions executed by the same author.

Yesterday, two weeks later, with the same motivations, the same hacker has targeted and defaced 91 Iranian sites, including several government and education sites together with several important companies.

All the affected sites (at the time of writing the ones listed below are still defaced) show the same message against the “terror” and the nuclear strategy of Iran together with an Israeli flag.

According to the author, the list of the victims include:

According to the original statement of You-r!-k@n:

This is an attack against Iran than support terrorism and developing nuclear weapons to destroy Israel.

The situation between the two hot countries of the Middle East continues to be tense, and cyberspace is not an exception.

July 2012 Cyber Attacks Timeline (Part II)

August 3, 2012 1 comment

Click here for Part I.

The Dog Days are nearly here. Weather forecast are announcing for Italy one of the hottest summers since 2003, and the same can be said for the Infosec temperature, although, July 2012 has been very different from the same month of 2011, which was deeply characterized by hacktvism.

Instead looks like that hacktivists have partially left the scene in favor of cyber criminals who executed several high profile breaches also in the second part of the month: Maplesoft, Gamigo, KT Corporation and Dropbox are the most remarkable victims of cyber-attacks, but also other important firms, even if with different scales, have been hit by (improvised) Cyber Criminals. One example for all? Nike who suffered a loss of $80,000 by a 25-year improvised hacker, who decided that exploiting a web vulnerability was the best way to acquire professional merchandise.

But probably the prize for the most “peculiar” cyber-criminal is completely deserved by Catherine Venusto, who successfully changed her sons’ grade for 110 times between 2011 and 2012.

As far as the Hacktivism is concerned, although we were not in the same condition of one year ago (a leak every day kept security away), this month has offered the massive leak of the Australian Provider AAPT, with 40 gb of data allegedly stolen by the Anonymous.

Last but not least, a special mention for the cyber espionage campaigns, that had an unprecedented growth in this month: Israel, Iran, Japan, the European Union and Canada, are only few of the victims. Iran gained also an unwelcome record, the first nation to be hit by a malware capable of blasting PC speakers with an AC/DC song…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

Iran Energy Water Website Defaced By An Israeli Hacker Against The Terrorist Attack in Burgas

You-r!-k@n keeps on his personal battle against Iran.

The latest target is the official website of Iran Energy Water (tw.org.ir), which has been defaced, showing, in several sections, of the main page, a message against the Iran Nuclear Program and against the recent event in Bulgaria where five Israeli tourists (and their local driver) were killed in a terrorist attack in the Black Sea city of Burgas. At the time of writing the web site is unavailable, showing the well-familiar IIS7 Splash Screen (in spite of the embargo and the alleged Iranian Cyber Autarchy).

As you know, Israel blamed Iran for the latter event (backed by American Officials), and hence, easily predictable, the dispute between the two states has (once again) crossed the boundaries of the cyber world (but a defacement is quite a simple question in comparison with Stuxnet and The Flame).

The time of the Middle East Cyber War is well behind, nevertheless cyber events targeting both countries, whether state-sponsored or carried on by lone rangers, continue to happen at a constant rate.

Follow

Get every new post delivered to your Inbox.

Join 2,705 other followers