Archive

Posts Tagged ‘Twitter’

1-15 February 2015 Cyber Attacks Timeline

February 17, 2015 Leave a comment

I was delivering to Anthem the very unwelcome prize for the first massive breach of 2015, when the Operation Carbanak has brought an unexpected tail to this first half of February.

These two events have undoubtedly characterized this timeline and overshadowed all the others: on one hand, a massive cyber attack (allegedly carried on by Chinese hackers) targeting one of the largest US ensurers, able to scoop up 80 million records. On the other hand, a sophisticated long lasting campaign, stealing more than $300 million on 100 banks in 30 nations.

It is very hard to choose which one deserves the (not so) coveted prize, in any case a consideration is worth: there could not have been a worst way to begin this 2015 Infosec year.

Moving on along the timeline, other interesting events appear, such as the compromising of the Forbes web site (again Flash is on the spot) by a Chinese APT Group dubbed Codoso, a “mobile tail” of the Operation Pawn Storm, now spreading to iOS devices, and eventually an unprecedented campaign targeting Syrian rebels using a combination of fake social media and Skype accounts associated with fictional female characters.

In background, as usual, multiple events driven by hacktivism, whose most remarkable one is undoubtedly the massive campaign carried on by the Anonymous collective, aimed to erase hundreds of pro-ISIS accounts and profiles from the Cyber Space (in particular from Facebook and Twitter).

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Feb 2015 Cyber Attacks Timeline Read more…

16-31 January 2015 Cyber Attacks Timeline

February 2, 2015 2 comments

It’s time for the second part of the January Cyber Attacks Timeline (Part I here).

In comparison with the first half of the month, in absolute terms, these two weeks have seen a slightly smaller number of attacks. However, even if the general trend has shown a decrease, the hacktivists (most of all the pro-Islamist ones) have been equally very active (and the French evening newspaper Le Monde, fallen under the keystrokes of the infamous Syrian Electronic Army, is the most illustrious victim).

Turning the attention to Cyber Crime, the most important event related to this category is probably the leak of 700,000 accounts from the Australian travel insurer Aussie Travel Cover. Of course there are many other background events, but no one reached an impact as noticeable as that.

Last but not least, I have not recorded noticeable events or campaigns related to Cyber Espionage.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Jan 2015 Cyber Attacks Timeline Read more…

16-31 June 2014 Cyber Attacks Timeline

I do not know if being happy or not, but it looks like the second half of June (the first timeline covering 1-15 June is here) has seen a sharp inversion of the decreasing trend recorded on the last few months. I have registered an increase of the number of attacks with particular focus on targeted attacks.

The cyber crime front offered several noticeable events, targeting, just to mention the most devastating cases: AT&T, Evernote, the State of Montana (1.3 million single individuals potentially affected), and Butler University.

Moving to hacktivism, the cyber temperature is still high in Brazil, where the hacktivists concentrated their unwelcome attentions. Other points of interest involve Pakistan, and US.

Last but not least, this period recorded an unusual number of targeted attacks spotted in the news. The list includes (but is not limited to): the British Government Secure Intranet, an US Hedge Fund, Vietnamese Ministry of Natural Resources and Environment, ICS vendors in US and Europe and a Government Agency in Taiwan.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 June 2014 Cyber Attacks Timeline rev2

Read more…

1-15 June 2014 Cyber Attacks Timeline

It just looks like attackers are enjoying the beginning of the Summer, since the first half of June confirms the decreasing trends.

The controversial 2014 World Cup has revived the hacktivists, and in particular the Anonymous collective who kicked off the Operation OpWorldCup, targeting Brazilian Governmental institutions and Sponsors of the World Cup.

Looking at the Cyber Crime, the most remarkable event of the month is the extortion attempt against  Belgian and French customers of Domino’s Pizza (650,000 users affected). It is also worth to mention the wave of DDoS attacks against Feedly and Evernote, in the first case motivated by extortion, and also the compromising of a US Army database in South Korea.

Last but not least, chronicle report the details of two Cyber Espionage Operations: Operation Molerat, originating allegedly from Middle East, and yet another one from China, discovered by Crowdstrike and attributed to a group dubbed Putter Panda.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2014 Cyber Attacks Timeline

Read more…

16-31 May 2014 Cyber Attacks Timeline

Here we are with the second part of the timeline of May (first part here).

Summer is coming here, and looks like attackers prefer to spend more  time in the beach rather than in front of their keyboards. In fact the number of reported attack is confirming its decreasing trend, at least for this part of the year.

Nonetheless, the second part of may has brought some noticeable events, such as the attack to Ebay (potentially 145 million accounts compromised), the attack against the Avast! Forum (400,000 records compromised) and the Arkansas State University (“only” 50,000 records). Other noticeable (and funny) event includes the hack of a San Francisco road sign by a prankster announcing the attack by Godzilla!

Cyber Spies were indeed pretty active in this period. Chronicles report of the Operation Clandestine Fox, a cyber attack against several industries in Australia, an undisclosed utility attacked in the US, a three year social network poisoning campaign sponsored by Iran and, last but not least, the alleged attack against the $12.7 million supercomputer in New Zealand from Chinese attackers.

Instead the operations from Law Enforcement Agencies against Hacktivists seem to be effective, the number of attacks motivated by hacktivism is dramatically reducing.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 May 2014 Cyber Attacks Timelinesv2

Read more…

1-15 May 2014 Cyber Attacks Timeline

May 27, 2014 1 comment

Here we have with the list of the most significant Cyber Attacks happened in the first half of April (according to my very own point of view).

There are few doubts about the fact that Orange is the winner of the unwelcome prize for the most noticeable breach after the theft of the information of 1.3 million users.

Other interesting events related to Cyber Crime include the breach of Bitly, the famous URL shortening service and a new heist against a virtual currency wallet (this time the victim is Doge Vault, one of the most popular online repositories for the cryptocurrency Dogecoin).

Moving to Cyber Espionage, this month reports two interesting events, the theft of Data related to the Ukraine crisis from the Belgian Foreign Ministry, and the discovery of Operation Saffron Rose, a long-term campaign against western defense contractor carried on by a team of Iranian hackers dubbed Ajax Security Team.

Last but not least, among the hacktivists, chronicles report of  a new action of the infamous Syrian Electronic Army (against four accounts of The Wall Street journal) and the usual skirmishes between Pakistani and Indian hackers (but is questionable in my opinion to determine if those events can be classified as part of a harmless cyber war or are rather mutual actions between hactivists acting on opposite sides).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2014 Cyber Attacks Timelines Read more…

16-30 April 2014 Cyber Attacks Timeline

It’s time for the report of the cyber activity in April. As usual this post summarizes the main events between 16 and 30 April, whereas the first part covering the attacks between 1 and 15 April 2014 can be found here (ok, actually there’s one attack I had to include in this timeline, dated 10 April).

Apparently this second half has shown a decreasing trend (who knows, maybe the Easter has brought good intentions), nonetheless there have been some noticeable events such as the breach to AOL Mail affecting potentially 50 million users, the breach to Eircom and the interesting trend of attacks against educational institutions (Universities of Virginia, Iowa, North Carolina Wilmington).

In this general decreasing trend, even the attacks motivated by hacktivism have shown a consistent reduction in volume and impact (the Syrian Electronic Army has admitted to be in vacation).

Nothing else of particularly significant to mention but the continual cyber skirmishes between India and Pakistan. Although interesting from an analytic  perspective, the attacks were ‘limited’ to defacements, and hence the overall impact was modest.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 Apr 2014 Cyber Attacks Timelines Read more…

Follow

Get every new post delivered to your Inbox.

Join 3,509 other followers