About these ads

Archive

Posts Tagged ‘Security’

Middle East Cyber War Timeline (Part VIII)

March 18, 2012 1 comment

This last week has seen some remarkable events an undoubtable revamp of data leaks inside the Middle East Cyberwar.

Not only the infamous 0xOmar, the initiator of the Middle East Cyber War, reappeared, leaking alleged secret data from some Israeli Virtual Israeli Air Force School websites; but also the Pakistani zCompany Hacking Crew has re-entered the scene unchaining the original weapon, that is the Credit Card leak. As a matter of fact ZHC published 5,166 records containing working credit cards, usernames, emails and addresses of individual supporters of the Zionist Organisation of UK & Ireland (zionist.org.uk).

On a different front, the massive defacements of websites all over the world in support of #OpFreePalestine continued. Under the label of the same operation, the Anonymous also “doxed” several companies and individuals on pastebin.

As far as the two main contenders (Iran and Israel) are concerned, the strategies seem quite different.

Iran has shown a cyber activity culminated in the alleged attack against the BBC Persian Service. For this nation, it is also important to notice its “cyber autarky”, maybe a choice forced by the embargo, that led to the creation of an internal email service, in contrast to the traditional Gmail, Yahoo, etc. This happens few weeks after the decision to develop an internal Antivirus.

On the opposite front, Israel keeps on its apparent cyber silence. Is it the prelude for the feared military action against Iran?

If you want to be constantly updated on the Middle East Cyber War, at this link you find the complete timeline. Also follow @paulsparrows on Twitter for the latest updates!

Read more…

About these ads

After latest F-35 hack, Lockheed Martin, BAE Systems, Elbit under multiple cyber attacks….right now.

March 14, 2012 2 comments

Cross Posted from TheAviationist.

I have just published a timeline covering the main Cyber Attacks targeting Military Industry and Aviation, but it looks like the latest events will force me to post an update, soon.

Although perpetrated with very different timelines, origins and motivations behind them, the last three days have seen a new wave of attacks against military industry that has unexpectedly become the point of intersection between cybercrime and cyberwar.

The first clamorous attack was disclosed a couple of days ago, when the Sunday Times revealed that alleged Chinese Hackers were able to penetrate into computers belonging to BAE Systems, Britain’s biggest defence company, and to steal details about the design, performance and electronic systems of the West’s latest fighter jet, the costly F-35 Joint Strike Fighter. The hacking attack has raised concerns that the fighter jet’s advanced radar capabilities could have been compromised and comes few weeks after papers about the future British-French drone were stolen in Paris.

Apparently, once again, an APT-based attack, or maybe one of its precursors, since it was first uncovered nearly three years ago. In any case, according to the sources and the little information available, it lasted continuously for 18 months, exploiting vulnerabilities in BAE’s computer defences to steal vast amounts of data. A fingerprint analogous to other similar cyber operations, allegedly generated from China such as Operation Aurora or the controversial operation Shady RAT.

Details of the attack have been a secret within Britain’s intelligence community until they were disclosed by a senior BAE executive during a private dinner in London for cyber security experts late last year.

Curiously the F-35 seems to be a very attracting prey for hackers as it was already the victim of a Cyber Attack in 2009; once again the latest attack is believed to be originated from China, who is showing a restless cyber activity.

Although completely different for impact and motivations, a second attack has just been announced by the infamous hacking collective Anonymous, which, in name of the #OpFreePalestine operation, has published the contact details for senior staff at BAE (hit once again), Lockheed, Gulfstream Aerospace, a division of General Dynamics, and the United States Division Of Israeli Owned Arms Company Elbit Systems. An attempt to embarrass military industry considered involved in the events happening in Palestine.

Although the data dumps apparently contain little valuable information (according to V3.co.uk many of the telephone numbers listed are for company headquarters, while several of the names appear to be out of date), the latest attacks represent a quantum leap in the Middle East Cyber War, after the “reign of terror” threatened by Anonymous against Israel.

The F-35 JSF is not only the most advanced stealthy fighter plane of the next future. It is also the most expensive. That’s why some partners have been compelled to downsize their initial requirements because of cuts imposed by the increasing unit price (with the new contract the total unit cost for an LRIP 5 jet is 205.3 million USD!!).

Apparently these cuts are interesting even the IT Security budgets of the manufacturers.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow the author of this article @pausparrows on Twitter for the latest updates.

February 2012 Cyber Attacks Timeline

March 5, 2012 1 comment

Find here February 2012 Cyber Attacks Timelime Part I.

With a small  delay (my apologies but the end of February has been very busy for me and not only for Cybercrooks as you will soon see), here it is the second part of my compilation with the main Cyber Attacks for February 2012.

Easily Predictable, the Hacktivism is still the main concern for System Administrators, in particular for the ones of Stratfor who suffered a huge leak of 5 million of emails.

On the same front, the threats of the Anonymous for the Friday actions have come true and as a matter of fact Law Enforcement Agencies suffered other remarkable breaches in this month: Infragard for the second time and also Interpol (a new entry) that was taken down after the arrest of 25 members of the collective. Anti ACTA protest also continue to shake Europe as also the delicate economical and social situation in Greece.

Last but not least, this month has also seen an unforgettable leak, affecting potentially more than 1.000.000 Youporn users.

As usual, the chart does not include the events related to Middle East Cyber War Timeline, that you may find at this link, as they “deserve” a dedicated timeline.

After the jump you find all the references, follows @paulsparrows for the latest updates on a regular basis and also have a look to the 2012 Cyber Attacks Timeline Master Index.

Read more…

Middle East Cyberwar Update (Part VI)

February 28, 2012 2 comments

Looks like Israel has approached a “wait and see” strategy, as these last days of cyber war have seen almost exclusively actions against that country without any appreciable response. In a certain sense, most of all at the Israeli site, the cyber conflict seems to have fallen into a rest, even if new actors have entered the scene, as is the case of the Mauritania Hacker Team, who opened with the leak of 2500 Israeli emails and claimed to have hacked the Central Bank of Israel. Despite these events the number and intensity of the attacks is no longer that of the early days.

The frequency of the attacks has drastically fallen, even because the early cyber fighters seem to have disappeared, apart from the AlienZ who, every now and then reappear with some dumps against arab sites (and not only).

In the meantime, Iran is suffering several sparse attacks from the Anonymous, targeting that country in the name of #OpIran, and in contemporary attacks its Azerbaijani neighbors considered close to Israel.

Interesting to notice I also found evidence of internal attacks in Iran against reformist websites considered close to former President Mohammad Khatami. The storyboard follows the same line both in real and virtual world.

Apparently Israel seems not to respond to attacks. A temporary truce or a real turnaround?

(At this link you can find the complete Middle East Cyber War Update and follows @paulsparrows for the latest updates.)

Read more…

Looking Back…

January 13, 2012 Leave a comment

Actually this post is nearly a couple of weeks in delay (last week I was skiing in at the Italian Dolomites!!). (Un)fortunately now that I am back to home (and to work), I have choosen this Friday The 13th, while preparing my traditional Cyber Attacks Master Index for the first half of January 2012, to give a quick look to the past year in terms of my blogging activity in order to discover which where the posts which collected most views (more than 60,000 in total), of course excluding the home page.

As you will easily notice the articles related to cyber attack statistics dominate the Top 10. For sure it is not a coincidence that some of the included articles were also quoted by leading security firms such as Kaspersky and IBM). Of course, for a correct interpretation of the chart you should also consider the period of the year in which each article was written (before the article is written, greater is the number of potential readers) and also the fact that the master index is continuously updated.

Date

Title

Views

Aug 11, 2011

One Year Of Android Malware (Full List)

16,737

Dec 31, 2011

2011 Cyber Attacks Timeline Master Index

3,668

Aug 16, 2011

Antisec hacks another Defense Contractor

2,406

Apr 17,2011

TCP Split Handshake Attack Explained

2,110

Jun 22, 2011

2011 CyberAttacks Timeline

1,535

Jun 28, 2011

2011 Cyber Attacks (and Cyber Costs) Timeline (Updated)

1,195

Dec 15, 2011

One Year Of Lulz (Part I)

1,090

Sep 15, 2011

Anatomy Of A Twitter Scam

938

May 1, 2011

Social Espionage

696

Sep 2, 2011

August 2011 Cyber Attacks Timeline

590

Yes, the post dedicated to Android Malware ranked undoubtely at number 1 (it even deserved a mention on Engadget) but also the Cyber Attacks Master index “performed well” even if at a great distance (but it was destined for a more professional audience) being quoted in many information security forums.

At rank number 3 there is a summer post dedicated to cyber attacks targeting contractors (clearly it is updated to August and could not include STRATFOR), which, actually a surprise for me, gained an unexpected attention under the Dog Days (a prolific period for blogging).

Clearly my readers have shown a great interest for security statistics, since in order to find a more technical article we have to browse the chart until number 4 with my post dedicated to TCP Split Handshake. In that circumstance I forced myself to investigate the question since when I first stumbled upon it after the NSS report (and the consequent turmoil) I must confess I had never heard about it.

Again statistics at ranks number 5, 6, and 7, until number 8 which is hold by a post dedicated to a scam targeting Twitter and mobile users. At that time the scam lured so many victims, who consequently “googled” the phrase “This made me laugh so hard when i saw this about you lol” (the symptom of the scam) and were hence redirected to that article.

A particular mention is also deserved by the Social Espionage at number 9, dealing with the threats hidden behind social networks: the Social Network Poisoning seen from the perspective of several resounding examples such as Primoris Era and Robin Sage.

In any case, forgive me if I could not do it before, I really would like to say thank you to all the Information Security Professionals who inspired my work (which I decided to quote in a very special manner)…

But most of all I want to say thank you to all the readers who stumbled upon my blog and decided to keep on reading (and retweeting) the articles regularly. Hope they will find in 2012 the same level of interest shown in the past year. Since it is not so easy to conciliate my professional and personal life with my blogging activity (thanks to my wife Romina for her patience), their appreciation is the scope of my work and a crucial driver to improve the level of quality…

Discover The Misplaced Detail

December 19, 2011 2 comments

It is time of huge dumps in Italy. Yesterday Cyberwarnews reported of 9000 accounts leaked from qualitapa.gov.it, a website linked to Italian Minister of Public Administration and Innovation. It is not the first time a similar occurrence happens in “Belpaese” (you will remember the Hot Summer with the controversial hack of CNAIPIC, The Italian Cyber Police and the subsequent hack of some contractors), for sure it is the first time such a huge number of accounts is dumped in Italy.

I would not prefer to comment, I only noticed in particular one account that looks familiar, extremely familiar and dangerously reminds the name (and the initial of the surname) of the former Minister of Justice. I hope it is only a coincidence… On the other hand if even the UN Account of The President Barack Obama is dumped, why should not it happen for the account of a former Italian Minister…

Follow

Get every new post delivered to your Inbox.

Join 3,204 other followers