About these ads

Archive

Posts Tagged ‘September’

September 2014 Cyber Attacks Statistics

October 13, 2014 Leave a comment

I have finally found the time to aggregate the data of September (Part I and Part II) into statistics.

As usual, let us start with the analysis of the Daily Trend of Attacks, which shows quite an heterogeneous trend with two peaks exactly at the beginning of the month and in the middle (yes, curiously during a weekend).

Daily Trend of Attacks

The Motivations Behind Attacks chart sees an unprecedented peak of Cyber Crime events. Still at number one, a constant trend during the last months, but with a remarkable 70.8% (versus 56.3% of August). The trail of POS Malware, the Shellshock vulnerability, and other minor events, certainly left a noticeable. As usual, Hacktivism ranks at number two, far below, with a “modest” 18.1% (was 28.2% in August), while  Cyber Espionage operations confirm a relatively important role (11.1%), despite slightly decreasing in comparison with 14.1% of the previous month.

Motivations Sep 2014

The most noticeable aspect of the Distribution Of Attack Techniques is the surge of SQLi attacks (at number one among the “recognized” attacks with 15.3%, versus 9.9% of August). Defacements follow closely with 11.1%. The third rank is all for the Account Hijacking thanks to “The Fappening” affair.

Attacks Sep 2014

Cyber Crime is on top of the Motivations, and as a consequence Industrial targets are on top of the Distribution of Targets Chart with a noticeable 40.3%, far beyond Governmental targets that, at last for this month, loose the crown (16.7%). The others are well behind, with the attacks towards single individuals (11.3%), which occupy steadily the third place.

Targets Sep 2014

A deeper look at the distribution of the industrial targets, shows a predominance of Software and Video Games targets (14% each). E-Commerce and Retail targets are immediately behind (10% each), sharing their position with Touristic targets, and immediately above Oil and Gas (7%).

Industry Drill Down Sep 2014Organizations Sep 2014

Once again, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics.

Of course follow @paulsparrows on Twitter for the latest updates, and feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

16-30 September 2014 Cyber Attacks Timeline

October 6, 2014 Leave a comment

And finally we can complete the September 2014 Cyber Attacks Timeline (Part I here), with the second part covering the most important events between the 16th and the 30th.

A very fruitful month for Cyber Criminals, since there are several events that will be remembered. For sure the Shellshock vulnerability will spoil the troubled sleeps of many System Administrators. In any case this is not the only remarkable event, the chronicles report of an (un)expected tail of the Celebrity Leak scandal (the so-called Fappening), with other two rounds of leaked pictures occurred on the 20th and the 26th, and a couple of massive breaches against TripAdvisor subsidiary Viator (1.4 million users affected) and Japan Airlines (750,000 users affected). Last but not least, it is also worthwhile to mention the group of teen hackers charged for hacking into Microsoft, the US Army and several game companies, stealing $100 million in Intellectual Property, and the so-called Operation Harkonnen, the longest cyber crime campaign ever.

Regarding the Cyber Espionage, the timeline reports the discovery of yet another Chinese Operation against US contractors, and a coordinated state-sponsored mobile malware aimed to intercept protesters in Hong Kong.

At least for once… Nothing particular interesting for Hacktivism…

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 September 2014 Cyber Attacks Timeline

Read more…

1-15 September 2014 Cyber Attacks Timeline

September 29, 2014 Leave a comment

This month will be probably remembered for the Home Depot breach. Yet another one caused by the same POS malware family that hit Target, with a similar dramatic extension: unfortunately the retailer believes that 56 million of credit cards could have been compromised in this case. After such a similar gigantic breach there is not so much to add as far as Cyber Crime is concerned, as it overshadowed all the rest.

In regards of Hacktivism, this has been a terrible month for Pakistan, which has attracted the unwelcome attentions of hacktivists protesting against the corruption of the government. As a consequence dozens of government sites have been bombarded with DDOS attacks, (with few cases of defacements and leaks).

Nothing particularly important to mention for Cyber Espionage. After the spree of the past months, maybe is time for a break.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 September 2014 Cyber Attacks Timeline Read more…

September 2013 Cyber Attacks Statistics

October 20, 2013 Leave a comment

Even if with a small delay, it is time for the Cyber Attacks Statistics derived from the Cyber Attacks Timelines of September (Part I and Part II).

As usual let us begin with the Daily Trend of Attacks chart. The chart shows a clear peak on September, 27th, due to a wave of attacks of the Anonymous against the Cambodian Government. In general, the number of attacks reported on the news had an increase in the second part of the month.

September 2013 Daily Trend

No surprisingly, US lead the Country Distribution chart. Also, it is worth to mention the second place of Cambodia, as a direct consequence of the wave of attacks carried on by the Anonymous collective. India is in the middle of a Cyber War against Pakistan and this explains his bronze medal just ahead of UK.

September 2013 Country Distribution

The Motivations Behind Attacks chart shows an unexpected overtake of Hacktivism on Cyber Crime. It’s also worth to mention the unusual level of attacks motivated by Cyber Espionage, jumped to a noticeable 10%: better countermeasures that allow to discover a growing number of sophisticated cyber attacks or a consequence of the marketing hype? In any case September has been particularly hard for Oil and Energy Sector that suffered several targeted campaigns.

September 2013 Motivations

The Distribution of Attack Techniques chart is completely unedited. Looks like hacktivists are shifting their preferences to other “unconventional weapons” such as Defacements and Account Hijackings. Maybe these techniques grant more visibility and less risks for the authors. Surprisingly for this month DDoS has fallen to 9% from 17.8% of the previous month. On the other hand targeted attacks are stable at 4%.

September 2013 Distribution

The Distribution of Targets chart confirms governments at number one, just ahead targets belonging to industry. Targets belong to Law Enforcements gained several positions in comparison with the previous month, raising at number three with 6%. Drilling down to industry fragmentation, financial services and E-Commerce lead the chart.

September 2013 Target Distribution

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 September 2013 Cyber Attacks Timeline

October 7, 2013 Leave a comment

It’s time for analyzing the main cyber Attacks happened in September.

From an information security perspective, the second half of September has been characterized by the discovery of three operations related to targeted attacks against different countries and sectors. Two in particular, DeputyDog and IceFrog, targeting have a common denominator: Japan.

In the same period. despite the numerous members brought to court, the Anonymous have continued their operations all over the World (Cambodia and New Zealand have been the hottest fronts).

Considering Cyber Crime, this month has raised the attention to the risks posed by fake KVM switches. With a similar device, a gang of cyber-thieves was able to steal £1.3 M from a Barclays Computer. Unfortunately for them this magic box was not able to avoid them to get busted (in any case they deserved a mention in the timeline). For sure you will remember that a similar cyber-plot has also been tried against Santander.

On the cyber warfare front, the temperature of the virtual battlefield among India, Pakistan and Bangladesh remains quite hot. On the other side of the World, US officials have unveiled an escalation of cyber attacks from Iran. Curiously this admission was done few days before Mojtaba Ahmad, the head of Iran’s cyber warfare programme, has been shot dead (although Iranian officials are denying similar claims).

Last but not least the Belgium Government has admitted to have been the victim of a targeted attack. Unfortunately, in this case the suspects are directed to NSA!

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 September 2013 Cyber Attacks Timeline Read more…

1-15 September 2013 Cyber Attacks Timeline

September 20, 2013 Leave a comment

So unfortunately the Summer is nearly gone, but, despite the sadness for the beautiful season fading away, here we are with the usual analysis of what’s happened in September from a Security Information perspective.

The main event for the first half of September is the massive attack against Vodafone Germany, potentially compromising more than 2 million customer records. Actually it was very hard to declare a main event, since even Belgacom performed was on the infosec news, unleashing some information related to a targeted attack, it was victim of. Always on the Cyber Crime front, it’s also worth to mention the failed (luckily) attack against Santander.

Nothing new under the Hacktivism front, that offered a minor revamp of the Syrian Electronic Army, despite the claims of them being dox’ed, some events in Turkey, where the cyber temperature remains hot despite the Summer fading away, and again some small attacks related to Syria and the NSA affair.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 September 2013 Cyber Attacks Timeline Read more…

September 2012 Cyber Attacks Statistics

October 8, 2012 1 comment

It’s time for the statistics derived from the Cyber Attacks Timeline of September 2012 (Part I and Part II).

I have decided to add another chart reporting the Daily Trend for the Cyber Attacks. According to collected data, the first week of the month has shown the higher concentration of events.

The Motivations Behind Attacks chart reveals the predominance of Cyber Crime which ranked, in September, at number one with the 55% of occurrences, followed by Cyber Crime, at number two with the 42% of occurrences. This is in contrast with the result of the previous month, in which the ranks were pratically inversed (respectively 58% Hacktivism and 36% Cyber Crime).

The Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection over Distributed Denial Of Service. Interesting to notice the position of Targeted Attacks at the fifth place with the 5% of occurrences (I wonder how many will go undetected). Of course the main purpose of Targeted Attacks is to remain undetected for long time. Is the fact that they appear in the chart a sign of increasing detection capabilities by technological and human countermeasures?

Last but not least, the Distributon Of Targets Chart confirms the preference of Cyber Crooks against Government targets which rank at number one with the 23.6 of occurrences. Industry targets rank at number two with nearly 15% of occurrences, immediately before targets belonging to various organizations which rank at the third place with 12.2% of occurrences. Targets belonging to finance rank at number four with the 9% of occurrences, mainly due to the wave of DDoS Cyber attacks against U.S. Banks.

Again, I will never get tired of repeating that data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period.

In any case, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,094 other followers