16-30 June 2015 Cyber Attacks Timeline

Great news! With this article, I have decided to change the timeline, moving from a static infographic-style format, to a tabular format, which allows to sort, filter and search for specific items inside the timeline.

Of course there is a price for everything: inserting and fitting the images (attackers’ avatars and targets’ logos) inside the table cells is time expensive, and as a consequence I have decided to remove them. The graphical look-and-feel will loose something, however I believe that the table usability is worth the price. I hope you will like it, and please let me know if you have comments/hints, etc. Also I left an Easter Egg after the table!

After this needed introduction, let’s have a look to the threat landscape of the second half of June.

From this standpoint, The Canadian cyberspace has suffered the worst consequences. The approval of the controversial bill C-51 has unchained a tide of attacks by the Anonymous collective against websites related to the Central Government and law enforcement agencies.

Other interesting events of include a DDoS attack against LOT Polish Airlines, which has forced 1,400 passengers of the carrier to remain grounded at the Warsaw Airport, a completely unprecedented attack of a baseball franchise (St. Louis Cardinals) against a competitor (Houston Astros), and the return of the infamous TeamGhostShell.

Enjoy the new timeline and, as usual, remember keep the level of attention very high. in the same time if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow@paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

IDDateAuthorTargetDescriptionAttackTarget
Class
Attack
Class
CountryLink
1Jun 12?Algonquin CollegeA server hack at Algonquin College in Ottawa leaves the personal information of more than 1,000 former students vulnerable but no data was taken, according to the college.UnknownEducationCCCAhttp://www.cbc.ca/news/canada/ottawa/algonquin-college-server-hacked-but-no-data-taken-college-says-1.3111379
2Jun 12?Infosys LtdThe salary accounts of more than 23 employees of software major, Infosys, in several cities across the country are, hacked and money siphoned off.UnknownIndustry: SoftwareCCINhttp://www.thehindu.com/news/national/andhra-pradesh/infosys-salary-accounts-hacked/article7307591.ece
3Jun 15?Japan Environmental Storage & Safety Corp.The internal computer network of the state-run Japan Environmental Storage & Safety Corp., which manages temporary storage sites for decontaminated waste from the Fukushima nuclear disaster, is infected by a computer virus.MalwareIndustry: waste treatmentCCJPhttp://www.japantimes.co.jp/news/2015/06/17/national/fukushima-radioactive-waste-storage-operators-intranet-infected-by-virus/#.VZNpUefSjLB
4Jun 16?>1Researchers from Palo Alto Networks reveal the details of a campaign dubbed “Operation Lotus Blossom” carried out via more than 50 attacks, executed via CVE-2012-0158, against government and military organizations across Southeast Asia over the last three years.Targeted AttackGovernment

Military
CE>1http://researchcenter.paloaltonetworks.com/2015/06/operation-lotus-blossom/
5Jun 16St. Louis CardinalsHouston AstrosThe St. Louis Cardinals baseball franchise is investigated by the FBI for allegedly hacking into the network of the Houston Astros in order "to steal closely guarded information about player personnel”.UnknownSingle IndividualCCUShttp://www.nytimes.com/2015/06/17/sports/baseball/st-louis-cardinals-hack-astros-fbi.html
6Jun 16?Bonnier PublicationsAttackers believed to have originated in China hack into the email of Bonnier Publications CEO Dave Freygang and steal $1.5 million with a fraudulent electronic transfer.Account HijackingIndustry: MediaCCSEhttp://nypost.com/2015/06/16/magazine-publisher-swindled-out-of-1-5-million-in-cyber-fraud/
7Jun 16?EFnetEfnet, a major IRC network, is compromised, putting at risk, potentially, 35,000 users.Account HijackingForumCCCAhttp://forum.efnet.org/viewtopic.php?t=8428
8Jun 16Phénoméne DzUniversity of Baltimore affiliated website (bniajfi.org)Federal officials investigate after a University of Baltimore affiliated website (bniajfi.org) is defaced with a pro-ISIS message.DefacementEducationHUShttp://www.wbaltv.com/news/University-of-Baltimore-affiliated-website-hacked/33611654
9Jun 17AnonymousCanadian Governments Web SitesMore than a dozen Canadian government departments are taken down by a DDoS attack. The Anonymous collective claims responsibility for the attack, against the controversial C-51 bill.DDoSGovernmentHCAhttp://www.zdnet.com/article/canada-government-websites-offline-amid-ongoing-cyberattack/
10Jun 17?digitalcostitution.comdigitalconstitution.com, the Microsoft's website dedicated to fighting the US government on matters of policy and surveillance is hacked to display spam links to casino-related pages.Malicious Content InjectionIndustry: SoftwareCCUShttp://www.zdnet.com/article/microsofts-site-devoted-to-fighting-the-us-government-just-got-hacked/
11Jun 17?German BundestagAccording to a report by G DATA, the German Bundestag is the target of a cyber attack carried on via a variant of the online banking trojan Swatbanker.Targeted AttackGovernmentCEDEhttps://www.gdatasoftware.com/newsroom/news/article/second-round-of-cyber-attacks-on-the-german-federal-parliament-bundestag
12Jun 17?LC Industries, Inc.LC Industries, Inc., which operates the Tactical Assault Gear website (tacticalassaultgearstore.com), notifies 3,754 customers that malware discovered on the website has been used to gain access to personal information.MalwareIndustry: E-CommerceCCUShttp://www.scmagazine.com/malware-on-tactical-assault-gear-website-targets-customer-information/article/423302/
13Jun 17?SussanFashion retailer Sussan takes down its own website for six days following “a security incident”.UnknownIndustry: ClothingCCAUhttp://www.smartcompany.com.au/finance/47401-sussan-s-website-goes-down-after-security-breach.html#
14Jun 18?Akorn, Inc.Akorn Inc., a niche pharmaceutical company has a customer database with more than 50,000 records compromised by a hacker who offers to sell the data on the dark web.SQLiIndustry: PharmaceuticalsCCUShttp://www.csoonline.com/article/2938032/data-breach/akorn-inc-has-customer-database-stolen-records-offered-to-highest-bidder.html
15Jun 19?Harvard UniversityHarvard discovers an intrusion on the Faculty of Arts and Sciences and Central Administration information technology networks. A subsequent investigation reveals that eight schools and administrative organizations have been affected altogether.UnknownEducationCCUShttp://www.net-security.org/secworld.php?id=18586
16Jun 19Iranian Hackers>1The Saudi documents leaked by WikiLeaks suggest that Iranian hackers could have infiltrated the system of a dozen countries, included the United States.Targeted AttackGovernmentCW>1http://www.washingtonpost.com/world/middle_east/theft-of-saudi-documents-suggests-an-iranian-hack-experts-say/2015/06/25/dd2f57e2-19c2-11e5-bed8-1093ee58dad0_story.html
17Jun 14@THTHeraklesHyundai Motor Company@THTHerakles claims to have hacked the Brazilian branch of the motor corporation and dumps 350 records including userid, name, telephone number, email address, and other detailsSQLiIndustry: AutomotiveCCBRhttp://www.databreaches.net/hyundai-customer-information-leak/
18Jun 19?COA Network, Inc.COA Network, Inc. detects a pattern of irregular activity affecting its computer systems, and consequently reveals that all customer information could be potentially compromised.Brute ForceIndustry: SoftwareCCUShttp://www.scmagazine.com/coa-network-breached-all-customer-data-treated-as-potentially-compromised/article/422637/
19Jun 19?DungareesDungarees notifies an undisclosed number of customers that its website (dungarees.net) was attacked, and credit and debit card information may have been compromised.MalwareIndustry: E-CommerceCCUShttp://www.scmagazine.com/dungarees-website-attacked-payment-cards-potentially-compromised/article/422373/
20Jun 19?Single Individuals700 images of women from "Brisbane and surrounding areas" are uploaded to an online forum, with a link to a New Zealand-based file-sharing service.UnknownSingle IndividualsCCAUhttps://nakedsecurity.sophos.com/2015/06/25/hundreds-of-australian-nude-images-posted-without-womens-consent/
21Jun 20@ro0tedMontreal Police Union (fppm.qc.ca)In name of #OpC51, @ro0ted, a hacker affiliated with the Anonymous collective defaces the official website of Montreal Police Union (fppm.qc.ca Fraternité des policiers et policières de Montréal) against the approval of anti-terror law C-51 that weakens Internet privacy.DefacementOrg: Police UnionHCAhttps://www.hackread.com/anonymous-hacks-candian-govt-against-bill-c51/
22Jun 21?LOT Polish AirlinesAround 1,400 passengers of LOT (the flag carrier of Poland) are stranded at Warsaw's Chopin airport after the flight plan system go down for around five hours after suffering a DDoS attack. Few days later some doubts emerge about the real nature of the attack.DDoSIndustry: AirlineCCPLhttp://www.reuters.com/article/2015/06/22/us-poland-lot-cybercrime-idUSKBN0P21DC20150622
23Jun 21Kuroi’SHGoogle VanuatuA hacker going with the handle of Kuroi’SH defaces the Google Vanuatu domain (google.vu) in support for the freedom of Western Sahara.DNS HjiackingIndustry: Interent ServicesHVUhttps://www.hackread.com/google-vanuatu-domain-hacked/
24Jun 22?Scrypt.ccCloud mining hash power online marketplace Scrypt.CC is hacked and a large, undisclosed amount of Bitcoin and hashing power is stolen.UnknownBitcoin Cloud MiningCCUShttp://www.newsbtc.com/2015/06/22/scrypt-cc-hacked-large-amount-of-bitcoin-stolen/
25Jun 22?Katie HopkinsThe Twitter account of Katie Hopkins is hacked and posts several offensive tweets.Account HijackingSingle IndividualCCUKhttps://grahamcluley.com/2015/06/katie-hopkins-twitter-hacked/
26Jun 22?Waseda UniversityWaseda University admits that it took about half a year before it discovered that personal data on roughly 3,300 officials and students were leaked from an infected machine.MalwareEducationCCJPhttp://mainichi.jp/english/english/newsselect/news/20150623p2g00m0dm002000c.html
27Jun 23APT3>1FireEye discovers a new phishing campaign carried on by the APT3 threat actor against organizations in several industries via CVE-2015-3113.Targeted Attack>1CE>1https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html
28Jun 23@ro0tedIntelligent Transportation Systems (itscanada.ca)In name of #OpC51, @ro0ted dumps the Intelligent Transportation Systems (ITS) website (itscanada.ca) and dumps the details of several officers.UnknownOrg: TransportationHCAhttp://motherboard.vice.com/read/anonymous-claims-it-leaked-passwords-and-credit-card-info-of-canadian-officials
29Jun 24@ro0tedPolice Association of Ontario, Canada (pao.ca)In name of #OpC51, @ro0ted hacks the Police Association of Ontario, Canada (pao.ca) and leak personal details of its 1,300 employees and registered users.SQLiLaw EnforcementHCAhttps://www.hackread.com/anonymous-hacks-police-ontario-police-bill-c51/
30Jun 24?47 US government agenciesRecorded Future, a CIA-backed startup, discovers login credentials and passwords for 47 US government agencies littered across the Internet, leaving federal agencies potentially at risk of cyberattack.UnknownGovernmentCCUShttps://www.recordedfuture.com/government-credentials-report/
31Jun 24?Hershey ParkHershey Park hires a security firm to investigate reports from multiple financial institutions about a possible credit card breach,UnknownIndustry: HospitalityCCUShttp://krebsonsecurity.com/2015/06/hershey-park-investigates-card-fraud-pattern/
32Jun 24@str0ke_Wounds International (woundsinternational.com)A hacker dubbed str0ke AKA @str0ke_ claims to have hacked Wounds International (woundsinternational.com) and dumps 12,999 unique emails and passwords, plus 4 administrator credentials.SQLiOnline ServicesCCUKhttp://pastebin.com/pDKVcU2Z
33Jun 24?Clarksville Town CourtPersonal information of thousands of individuals in Clarksville, Ind., might be compromised after Clarksville Town Court servers were hacked sometime earlier this week.UnknownGovernmentCCUShttp://www.courier-journal.com/story/news/local/2015/06/24/clarksville-indiana-town-court-case-files-hacked/29237627/
34Jun 25@KyfxsecSPOTIFYMUSIC.SEA hacker called @Kyfxsec claims to have hacked SPOTIFYMUSIC.SE (a Spotify users forum) and dumps 4,432 usernames and passwords.SQLiOnline ForumCCSEhttp://pastebin.com/JtCxfY98
35Jun 27ASOR Hack Teamverdadegospel.comA team of hackers going with the handle of ‘ASOR Hack Team’ defaces a famous Protestant Brazilian online news portal (verdadegospel.com) against its anti-LGBT/same-sex marriage stance.DefacementNewsHBRhttps://www.hackread.com/gospel-news-portal-hacked-with-lgbt-flag/
36Jun 27AnonOpsIndiaincometaxindiaefiling.gov.inAnonOpsIndia claims to have hacked incometaxindiaefiling.gov.in and dumps 2000+ detailsSQLiGovernmentHINhttp://anonopsindia.tumblr.com/post/122613376221/pan-database-hacked-no-data-was-tampered-but
37Jun 28AnonOpsIndiaUnspecified coal siteAnonOpsIndia claims to have hacked an unspecified governmental site related to coal allocation and dumps several screenshots to prove the action,UnknownGovernmentHINhttp://anonopsindia.tumblr.com/post/122677406546/two-days-two-security-breaches-goi-stop
38Jun 29TeamGhostShell>1After almost exactly 2 years and 6 months, the TeamGhostShell is back and dumps 444 databases from different targets.>1>1H>1http://www.cyberwarnews.info/2015/07/01/teamghostshell-returns-with-leak-the-entire-summer/
39Jun 29AnonghostUnited NationsThe hacktivist group AnonGhost defaces the official website of United Nations designated for the Kingdom of Jordan, leaving a message in support of free Palestine (un.org.jo).DefacementOrg: United NationsHJOhttps://www.hackread.com/anonghost-hacks-united-nations-jordan-website/
40Jun 29EXCiDiUMNC State UniversityA hacker called EXCiDiUM claims to have hacked the NC State University and dumps 1,338 usernames with clear text passwords.UnknownEducationCCUShttp://pastebin.com/bU2EVAgy
41Jun 30France?IranSecurity researchers at ESET publish the analysis of an apparently state-sponsored cyber-espionage tool used to target computers in Iran. The malware is named "Dino" by its developers and is described as a "full featured espionage platform." Suspects are directed to France.Targeted Attack>1CEIRhttp://www.welivesecurity.com/2015/06/30/dino-spying-malware-analyzed/
42Jun 30AerithCanadian Security Intelligence Service (csis.gc.ca)The Canadian Security Intelligence Service website (csis.gc.ca) is down for the third time in the last 24 hours. A rogue hacker using the name "Aerith" claims responsibility for the outages.DDoSLaw EnforcementHCAhttp://www.ctvnews.ca/canada/csis-website-under-repeated-cyberattacks-1.2447166
Legend:

H Hacktivism

CC Cyber Crime
CE Cyber Espionage
CW Cyber War

Download the original CSV file: CSV Icon

One thought on “16-30 June 2015 Cyber Attacks Timeline

  • July 25, 2015 at 1:24 am
    Permalink

    I was using your charts to show my colleagues the data you have so diligently collected. I cannot do that without any colors or graphics; they simply don’t want to look at it. Humans are that way I suppose. I can do some formatting in Excel before the meetings. It’s worth it to me to spend the extra time. I do thank you for collecting this data, keep up the good work!

    Reply

Leave a Reply

%d bloggers like this: