As usual, here is the list of the main cyber attacks for April 2012. The first half of the month has been characterized by hacktivism, although the time of the resounding attacks seems so far away. This is also because, after the arrest of Sabu, the law enforcement agencies (which were also targeted during this month, most of all in the UK) made two further arrests of alleged hackers affiliated with the Anonymous Collective: W0rmer, member of CabinCr3w, and two possible members of the infamous collective @TeaMp0isoN.
In any case, the most important breach of the first half of the month has nothing to do with hacktivism: it targeted the health sector and occurred at the Utah Department of Health, with potentially 750,000 users affected. According to the latest Ponemon study on the cost of a breach ($194 per record), applied to the minimum number of users affected (250,000), the monetary impact could be at least $55 million.
Other interesting events to mention in the observed period are the alleged attack against a Chinese military contractor and the takedown of the five most important al-Qaeda forums. On the hacktivist front, it is worth mentioning a new hijacked call from MI6 to the FBI, but also the alleged phone bombing of the same law enforcement agency. Both events were performed by TeamPoison, whose two alleged members were arrested the day after.
For the sample of attacks I tried to identify the category of the targets, the category of the attacks, and the motivations behind them. Of course this attempt must be taken with caution, since in many cases the attacks did not target a single objective. Taking into account the single objectives would have been nearly impossible and prone to errors (I am doing the timeline in my free time!), so the data reported on the charts refer to the single event (and not to all the targets affected in the single event).
As usual the references are placed after the jump.
By the way, SQL Injection continues to rule (the question mark indicates attacks possibly performed by SQL Injection, where the term “possibly” indicates the lack of direct evidence…).
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
February 2012 brings a new domain for my blog (it’s just a hackmaggedon) and confirms the trend of January with a constant and unprecedented increase in number and complexity of the events. Driven by the echo of the ACTA movement, the Anonymous have performed a massive wave of attacks, resuming the old habits of targeting Law Enforcement agencies. From this point of view, this month has registered several remarkable events among which the hacking of a conf call between the FBI and Scotland Yard and the takedown of the Homeland Security and the CIA Web sites.
The Hacktivism front has been very hot as well, with attacks in Europe and Syria (with the presidential e-mail hacked) and even against the United Nations (once again) and the NASDAQ Stock Exchange.
Scroll down the list to discover the (too) many illustrious victims, including Intel, Microsoft, Foxconn and Philips. After the jump you will find all the references, and do not forget to follow @paulsparrows for the latest updates. Also have a look at the Middle East Cyberwar Timeline, and the master indexes for 2011 and 2012 Cyber Attacks.
Addendum: of course it is impossible to keep count of the huge number of sites attacked or defaced in the aftermath of the Anti ACTA movements. In any case I suggest a couple of links that may be really helpful:
- List of all vulnerable websites attacked by anonymous Part II (updated daily) (via cylaw.info)
- List of Websites Hacked, Defaced & Taken Down By Anonymous (via valuewalk.com)
Update 06/22/2011: Other tweets of Cyberwar: it looks like the Operation #OptItaly is going on. Currently the site http://www.renatobrunetta.it is under DDoS attack and does not reply correctly to connection requests (it takes too long to load and sometimes the page does not open).
It looks like the #AntiSec Operation has landed in Italy. The Anonymous boats have fired their ammunition at some Web sites affiliated with PM Silvio Berlusconi and, although the operation started more than ten hours ago, the situation is not completely back to normal.
Yesterday evening the web sites were hit by an impressive wave of DDoS attacks: all the sites were unavailable and, right now, http://www.governoberlusconi.it is still not responding.
This is the first (known) example of the #AntiSec (Anti-Security) operation in Italy issued by the hacker group LulzSec (famous for the repeated attacks on Sony, Nintendo, CIA and FBI-affiliated). The #AntiSec manifesto declares a real cyber war, whose top priority is to steal and leak any classified government information, including email spools and documentation (with banks and other high-ranking establishments declared as Prime Targets) “teaming up with the Anonymous collective and all affiliated battleships.”
For the record, the first act of this cyberwar has been a massive DDoS attack against SOCA on June the 20th, and yesterday a fake declaration was posted on pastebin indicating the next release of the 2011 UK Census.
Moreover, yesterday a joint operation between the FBI and Scotland Yard arrested Ryan Cleary, a 19-year-old boy in Essex, claimed to be the head of the LulzSec group. After an initial silence the LulzSec tweets were back, indicating that the boy arrested was a “simple” Admin of a server used for IRC (here a full story with an amusing perspective from the famous tabloid The Sun) and was in no way affiliated with the group.
The revenge of the group was merciless: LulzSec replied by leaking personal information of two hackers claimed to have supported the FBI and Scotland Yard (defined “FBI & other law enforcement clowns”) in the investigations.
The war is just beginning, no holds barred.