It’s finally time to publish the timeline of the main cyber attacks occurred in the second half of May.... Read More
I was delivering to Anthem the very unwelcome prize for the first massive breach of 2015, when the Operation Carbanak has brought an unexpected tail to this first half of February.
These two events have undoubtedly characterized this timeline and overshadowed all the others: on one hand, a massive cyber attack (allegedly carried on by Chinese hackers) targeting one of the largest US ensurers, able to scoop up 80 million records. On the other hand, a sophisticated long lasting campaign, stealing more than $300 million on 100 banks in 30 nations.
The first half of November is gone, so it’s time for the list of the main cyber attacks occurred during these fifteen days.
Confirming the trend of the last months, the activity has been quite sustained. For sure, the most remarkable attack has targeted the Turkish branch of HSBC, and has affected 2.7 million customers, whose credit cards have been compromised (and apparently the bank has decided not to issue new cards for the impacted users).
It’s time for the second timeline of October (Part I here) covering the main cyber attacks between the 16th and 31st: yet another consistent list confirming the growing trend of the last period.
In particular, in these two weeks the most important events have been spotted inside Cyber Espionage, whose chronicles report, among other, a state-sponsored attack to an unclassified network of the White House, a relevant number of operations (APT 28, Operation Pawn Storm, Operation SMN, Operation DeathClick, a tail of the infamous Sandworm), and even a man-in-the-middle attack against Chinese iCloud users.
August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month (first part here).
This period will be probably remembered for the massive cyber attack against Community Health Systems (4.5 million records compromised), the wave of coordinated attacks targeting JPMorgan Chase and at least four other US banks, the malware targeting 51 franchised stores of UPS, and, last but not least, the mother of all breaches in Korea (220 million records containing personal information 0f 27 million people). Another noticeable event was also the coordinated DDoS attacks against Sony Entertainment Network, Xbox Live and other online gaming services.
I do not know if being happy or not, but it looks like the second half of June (the first timeline covering 1-15 June is here) has seen a sharp inversion of the decreasing trend recorded on the last few months. I have registered an increase of the number of attacks with particular focus on targeted attacks.
It just looks like attackers are enjoying the beginning of the Summer, since the first half of June confirms the decreasing trends.
The controversial 2014 World Cup has revived the hacktivists, and in particular the Anonymous collective who kicked off the Operation OpWorldCup, targeting Brazilian Governmental institutions and Sponsors of the World Cup.
It’s time for the report of the cyber activity in April. As usual this post summarizes the main events between 16 and 30 April, whereas the first part covering the attacks between 1 and 15 April 2014 can be found here (ok, actually there’s one attack I had to include in this timeline, dated 10 April).
And here it is the timeline reporting the Cyber Attacks happened during the first half of April 2014, a month probably long remembered within the Infosec Chronicles for the discovery of the terrible Heartbleed bug (two attacks have been recorded, so far, related to this devastating vulnerability).
And here we are with the second part of the Cyber Attacks Timeline (first part here).
The prize for the most noticeable breach of the month goes in Korea, where a 31-year-old man has been arrested for infiltrating the account of 25 million users of Never, a local Internet Portal (actually it happened several months ago but was unveiled in this month). Other noticeable events include the trail of attacks against several Universities (Maryland, Auburn, Purdue, Wisconsin-Parkside), the compromising of personal information of 550,000 employees and users of Spec’s, the leak of 158,000 forum users of Boxee.tv and 95,000 users of Cerberus and, finally, a breach targeting the California Department of Motor Vehicles. Last but not least, even the infamous Operation Windigo has deserved a mention in the timeline.