About these ads

Archive

Posts Tagged ‘July’

July 2013 Cyber Attacks Statistics

August 11, 2013 Leave a comment

It’s time for the Statistics related to the Cyber Attacks reported in the July 2013 Timelines (Part I and Part II).

You will find a (hopefully) welcome novelty from this month: as a matter of fact starting from July I begun to record the nationality of the targeted companies (not the domains), so the corresponding data will be reported in the statistics accordingly.

Let us begin with the Daily Trend of Attacks chart. Here the Summer shows its effects showing a constantly decreasing shape after the peak occurred the 15th.

July 2013 Trend

And here it comes the innovation. Easy Predictable US (well above the others) and UK lead the Country Distribution Chart, but even Pakistan is not that bad! The other countries are aligned at approximately the same levels. US and UK collected together the 45% of the attacks reported in the timelines.

Country Jul 2013

Just like the previous month, Cyber Crime leads the Motivation Behind Attacks chart. The levels are similar to the ones of the previous month with a light drop from 62% in June to 57% in the current month. On the other hand, unlike the past years, this summer seems quite problematic for the hacktivists, also due to the recent sentencing.

Motivations Jul 2013

It is true, this July has brought many innovations, and for the first time Defacements lead the Distribution Of Attack Techniques Chart. Also the account Hijackings are becoming very popular. For the first time (as far as I remember) SQLi and DDoS are out from the first three ranks, even if there is a meaningful amount of attacks for which it has not been possible to derive the used technique based on the available information. Kindly remind that I take defacements into consideration only when they are meaningful, that is targeting Governmental primary domains or high profile targets, or also when they cause the leaking of data.

Attack Techniques

Last but not least, Governmental targets lead the Distribution of Target chart with 29%. Industry ranks at number two, quite close (only three points far). The two categories swapped their places in comparison with the previous month. It is also interesting to notice the third position of single individuals, a consequence of the multiple attacks against Twitter accounts.

Industry Jul 2013

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

16-31 July 2013 Cyber Attacks Timeline

So, the second half of July is ready to show us what happened in the cyber-landscape.

It’s Summer, the dog days are among us, and the temperatures are quite high even under the Infosec Sun. Most of all for software companies that, even if for different motivations, were the unwelcome targets of the most remarkable attacks of these two weeks: Ubuntuforums.org has been hacked, putting at risk 1.82 million of accounts, and even three well-know mobile services TrueCaller, Viber and TangoMe suffered the same fate.

But this month will be probably remembered for the indictment of five est European men who, between 2005 and 2012 infiltrated some of the world’s biggest financial institutions, pilfering data for more than 160 million credit cards.

Other noticeable events include the infiltration against apple.developer.com and the breach against Stanford University affecting potentially 72,000 users.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 July 2013 Cyber Attacks Timeline Read more…

1-15 July 2013 Cyber Attacks Timeline

I am quite in time with the list of the main Cyber Attacks occurred in the first half of July.

This period has been quite hard for the Video Games Industry with two noticeable events targeting Konami and Ubisoft (58 million of account potentially affected in this second case). Another noticeable breach involves the attack against the Italian Website of Sony, which lead to 40,000 records leaked.

Regarding hacktivism, Turkey keeps on being quite hot in this period, and not only for the Summer: several governmental targets have been hits by cyber attacks directly related to the OpTurkey initiative.

Last but not least: you will notice I have added a new column indicating the target country: for the sake of clarity, it refers to the nationality of the targeted organization and not to the geo-location of the targeted IP.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 July 2013 Cyber Attacks Timeline Read more…

July 2012 Cyber Attacks Statistics

Here we are with the statistics from the Cyber Attack Timelines  for the first and the second half of July 2012. The sample included 76 attacks which have been analyzed according the three familiar parameters: Motivations behind attacks, Distribution of attacks techniques and Distribution of targets.

Again, I will never get tired of repeating that data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period. Moreover, remember that the most dangerous threats are the invisible ones.

As far as  the Motivations Behind Attacks are concerned, July has confirmed the predominance of Cyber Crime, although it dropped down to 55% from 72% of the previous month. It is interesting to notice the corresponding growth of Hacktivism, from 18% in June to 32% in July. Although the number of (discovered) attacks motivated by Cyber Espionage is always low, this month their occurrences nearly doubled as a consequence of the events in the Middle East, that confirms to be a “hot area” for the Cyber Arena. Cyber Warfare is positioned at the bottom of the chart with a “poor” 4% of the occurrences.

The Distribution Of Attacks Techniques chart confirms that is getting harder and harder to recognize what the cyber crooks have leveraged to reach their goal. The percentage of the unknown attacks has grown from the 36% of June to the 45% of July. In any case, among the recognized attacks, SQL Injection ranks at number one with the 28% of possible occurrences. DDoS has confirmed his decreasing trend from 16% in June to 9% in July. Maybe the possible victims are learning to effectively defend themselves?

The Distribution of Targets chart confirms that targets belonging to industry are always on top of the preferences of Cyber Crooks with the 32% of occurrences, well above the 21% of the last month. Government targets confirmed their second place with the 15% of occurrences (were the 18% on July) followed by Online Services with the 10%. It is interesting to notice the low occurrences of incidents targeting Law Enforcement Agencies and Military Institutions. Maybe after the high number of cyber attacks suffered, they are learning to enforce adequate countermeasures.

 If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

July 2012 Cyber Attacks Timeline (Part II)

August 3, 2012 1 comment

Click here for Part I.

The Dog Days are nearly here. Weather forecast are announcing for Italy one of the hottest summers since 2003, and the same can be said for the Infosec temperature, although, July 2012 has been very different from the same month of 2011, which was deeply characterized by hacktvism.

Instead looks like that hacktivists have partially left the scene in favor of cyber criminals who executed several high profile breaches also in the second part of the month: Maplesoft, Gamigo, KT Corporation and Dropbox are the most remarkable victims of cyber-attacks, but also other important firms, even if with different scales, have been hit by (improvised) Cyber Criminals. One example for all? Nike who suffered a loss of $80,000 by a 25-year improvised hacker, who decided that exploiting a web vulnerability was the best way to acquire professional merchandise.

But probably the prize for the most “peculiar” cyber-criminal is completely deserved by Catherine Venusto, who successfully changed her sons’ grade for 110 times between 2011 and 2012.

As far as the Hacktivism is concerned, although we were not in the same condition of one year ago (a leak every day kept security away), this month has offered the massive leak of the Australian Provider AAPT, with 40 gb of data allegedly stolen by the Anonymous.

Last but not least, a special mention for the cyber espionage campaigns, that had an unprecedented growth in this month: Israel, Iran, Japan, the European Union and Canada, are only few of the victims. Iran gained also an unwelcome record, the first nation to be hit by a malware capable of blasting PC speakers with an AC/DC song…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

July 2012 Cyber Attacks Statistics (Part I)

Here we are with the statistics from the Cyber Attack Timeline for the first half of July 2012. The sample included 39 attacks which have been analyzed according the three familiar parameters: Motivations behind attacks, Distribution of attacks techniques and Distribution of targets.

As far as Motivations Behind Attacks are concerned, the first two weeks of July confirmed the trend of the last months: Cybercrime ranked at number one with nearly the 70% of the occurrences, well ahead hacktivism, at number two with the 23%. Cyber Warfare and Cyber Espionage are well behind with respectively the 5% and 3% of the attacks.

The Distribution Of Attack Techniques has shown, for the first half of July, a considerable number of attacks of unknown origin. As a matter of fact, in more than one half of the occurrences (53%) it has not been possible to track the attack technique used by cyber croockers, at least according to the available information. In all those cases in which it has been possible to track the attacks, the first half of July has seen an overtake of DDoS (18%) against SQL Injection (13%), although if one sums the total occurrences of SQL Injections (certain and claimed, the latter are characterized by a question mark in the chart), the total of SQLi is a remarkable 21%, slightly greater than DDoS). I had to modify this chart after I came across an article indicating an SQL Injection attack as the vector of the breach suffered by Nvidia.

The Distribution of Targets chart confirms the Industry at rank number one with the 38% of occurrences. In any case, if we do not consider the fragmentation of this category (I have dedicated an apposite chart to drill it down), Governments have confirmed to be the most vulnerable targets with the 10% of the occurrences, corresponding to the most vulnerable single category.

Amongst the single categories, Law Enforcement Agencies rank at number two with the 8% of occurrences, followed by Education targets, online forums and political organizations, each one of them with the 5% of occurrences.

Again, please notice that data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period. Moreover, remember that the most dangerous threats are the invisible ones.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

July 2012 Cyber Attacks Timeline (Part I)

July 20, 2012 1 comment

Update 08/02/2012: July 2012 Cyber Attacks Timeline (Part II)

Although the number of attacks has considerably diminuished, the first half of July has left several high-profile attacks which deserverd huge attention, exposing in theory more than 2,000,000 individuals. Yahoo! Voice, Android Forums, Nvidia, Formspring, Billabong and ASUS are several of the well-known names that were victims of the high-profile breaches in the first two weeks of July.

World Health Organization and PBS (once again) were also illustrious victims of Cyber Attacks.

Besides these remarkable events, it looks like the actions carried on by the Law Enforcement agencies in the last period led to some results since the number of incidents looks undoubtably smaller than the previous months.

For what concerns the cyber attacks driven by hacktivism, it is particularly important to notice #OpPedoChat, still ongoing, which caused many pedophiles to be exposed, in several cases with unpredictable consequences, as in Belgium where a far-right official resigned after Anonymous’ Paedophilia Claims.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

Follow

Get every new post delivered to your Inbox.

Join 2,705 other followers