Last Updated on November 30, 2011

The second half of November has confirmed the trend seen in the previous report covering the first half of the month. The period under examination has confirmed a remarkable increase in Cyber Attacks from both a quality and quantity perspective.

Although the month has been characterized by many small attacks, several remarkable events have really made the difference.

Among the victims of the month, Finland deserves a special mention in this unenviable rank: the second half of the month has confirmed the emerging trend for this country, which suffered in this period two further breaches of huge amounts of personal data, for a global cumulative cost, computed on the whole month, around $25 million.

But Finland was not the only northern European country hit by cybercrookers (maybe the term cyberprofessionals would be more appropriate): Norwegian systems associated with the country’s oil, gas and energy sectors were hit with an APT based cyber attack resulting in a loss of sensitive information including documents, drawings, user names and passwords.

But once again the crown of the most remarkable breach of the month is placed upon the head of South Korea which suffered another huge data dump affecting users of the popular MMORPG “Maple Story” affecting theoretically 13 million of users, nearly the 27% of the Korean population, for an estimated cost of the breach close to $2.8 billion.

The list of affected countries this month includes also 243,089 Nigerian users, victims of the hack of Naijaloaded, a popular forum.

Microsoft has been another victim in this November, with a phishing scam targeting Xbox Live users. Details of the scam are not clear, although each single affected user in U.K. might have lost something between £100 and £200 for a total cost of the breach assimilable to “million of Pounds”.

November will make history for showing for the first time to information security professionals the dangers hidden inside the SCADA universe (and not related to Nuclear Reactors). The echo of Stuxnet and Duqu is still alive, but this month was the the turn of SCADA water pumps, that have suffered a couple of attacks (Springfield and South Houston), the first one allegedly originated from Russia and the second one from a “lonely ranger” who considered the answer from DHS concerning the first incident, too soft and not enough satisfactory. My sixth sense (and one half) tells me that we will need to get more and more used to attacks against SCADA driven facilities.

The Anonymous continued their operations against governments with a brand new occurrence of their Friday Releases, targeting a Special Agent of the CA Department and leaking something like 38,000 emails. Besides from other some sparse “small” operations, the other remarkable action performed by the Anonymous collective involved the hacking of an United Nations (old?) server, that caused personal data of some personnel to be released on the Internet.

November Special mentions are dedicated (for opposite reasons) to HP and AT&T. HP for the issue on their printers discovered by a group of Researchers of Columbia Univerity, which could allow a malicious user to remotely control (and burn) them. AT&T deserved the special mention for the attack, unsuccessful, against the 1% of its 100 million wireless accounts customer base.

In any case, counting also the “minor” attacks of the month, the chart shows a real emergency for data protection issues: schools, e-commerce sites, TVs, government sites, etc. are increasingly becoming targets. Administrators do not show the deserved attention to data protection and maybe also the users are loosing the real perception of how much important is the safeguard of their personal information and how serious the aftermaths of a compromise are.

As usual, references for each single cyber attack are reported below. Have a (nice?) read and most of alle share among your acquaintances the awareness that everyone is virtually at risk.

Related articles

• November 2011 Cyber Attacks Timeline (Part I) (paulsparrows.wordpress.com)

1. http://news.asiaone.com/News/Latest%2BNews/Asia/Story/A1Story20111116-310940.html
   
2. http://nakedsecurity.sophos.com/2011/11/16/mystery-flaw-crashing-dns-servers-across-the-internet/
   
3. http://www.helsinkitimes.fi/htimes/domestic-news/general/17323-another-data-breach-revealed-in-finland-.html
   
4. http://www.wired.com/threatlevel/2011/11/hackers-destroy-water-pump/all/1
   
5. http://www.pcmag.com/article2/0,2817,2396611,00.asp
   
6. http://www.cyberwarnews.info/2011/11/18/education-websites-under-sqli-attacks-by-d4op/
   
7. http://www.therepublic.com/view/story/2928d00e43424b5881e6a80dbcbf705e/HI–APEC-Personal-Information/
   
8. http://news.softpedia.com/news/Hacker-Tells-Story-of-Melbourne-University-Hack-235281.shtml
   
9. http://pastebin.com/htyqknnX
   
10. http://www.thinq.co.uk/2011/11/18/hacker-penetrates-south-houstons-water-supply-network/
    
11. http://thehackernews.com/2011/11/maharashtra-highway-police-website.html
    
12. http://www.cyberwarnews.info/2011/11/21/dump-of-accounts-from-sfbaysss-net/
    
13. http://www.prweb.com/releases/2011/11/prweb8981486.htm
    
14. http://nakedsecurity.sophos.com/2011/11/22/hackers-target-att-wireless-users/
    
15. http://www.cyberwarnews.info/2011/11/22/dump-of-accounts-from-drummusic-tv/
    
16. http://www.cyberwarnews.info/2011/11/23/bunch-of-defaced-sites-by-failroot/
    
17. http://nakedsecurity.sophos.com/2011/11/22/xbox-live-customers-not-hacked-but-phished/
    
18. http://www.dutchnews.nl/news/archives/2011/11/sinter_klaas_website_hacked_13.php
    
19. http://www.cyberwarnews.info/2011/11/23/fairly-big-dump-of-accounts-from-globeclassroom-ca/
    
20. http://www.cyberwarnews.info/2011/11/23/dump-of-accounts-from-hostbooter/
    
21. http://www.scmagazine.com.au/News/281041,250k-users-exposed-in-naijaloaded-hack.aspx
    
22. http://datalossdb.org/incidents/5050-309-usernames-e-mail-addresses-passwords-and-ip-dumped-on-web-by-hacker
    
23. http://datalossdb.org/incidents/5049-99-usernames-e-mail-addresses-and-plain-text-passwords-dumped-on-web-by-hacker
    
24. http://pastebin.com/pBFdKWsK
    
25. http://datalossdb.org/incidents/5054-15-names-usernames-department-position-and-plain-text-passwords-dumped-on-web-by-hacker
    
26. http://www.bbc.co.uk/news/technology-15881034
    
27. http://pastebin.com/e3UF0j76
    
28. http://nakedsecurity.sophos.com/2011/11/25/13-million-maplestory-players-at-risk-after-hack-casting-a-cloud-over-nexons-ipo/
    
29. http://thehackernews.com/2011/11/sudan-airways-mailbox-database-leaked.html
    
30. http://www.cyberwarnews.info/2011/11/27/dump-of-accounts-from-nike-free-run-us-by-anonymous-dominicana/
    
31. http://pastebin.com/ua2TLs05
    
32. http://pastebin.com/V4mEU7Kx
    
33. http://www.cyberwarnews.info/2011/11/27/australian-government-website-defaced-by-anonymous/
    
34. http://www.zone-h.org/mirror/id/15871406
    
35. http://pastebin.com/gdF1CczA
    
36. http://pastebin.com/ttKL2VUQ
    
37. http://pastebin.com/AVy3K50B
    
38. http://www.cyberwarnews.info/2011/11/28/hyderbad-alumni-association-of-iiit-data-dumped-by-pakistonix-haxor/
    
39. http://www.thedomains.com/2011/11/27/101domains-com-suffers-securty-breach/
    
40. http://nakedsecurity.sophos.com/2011/11/29/united-nations-hacked-email-addresses-and-passwords-leaked/
    
41. http://threatpost.com/en_us/blogs/un-says-old-server-old-data-exposed-teamp0ison-hack-113011
    
42. http://www.poliklinikka.fi/?page=7874754&id=7782940
    
43. http://www.cyberwarnews.info/2011/11/28/sncc-psp-com-defaced-and-email-list-dumped-by-lulzsecportugal/
    
44. http://www.cyberwarnews.info/2011/11/28/vagus-cosmetics-patient-database-leaked-by-kahunahackz/
    
45. http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say
    
46. http://thehackernews.com/2011/11/more-than-100-pakistani-government.html
    
47. http://newsroom.ucr.edu/2800
    
48. http://pastebin.com/u1U5MuTx
    
49. http://www.cyberwarnews.info/2011/11/30/dump-of-accounts-from-evidalia-es/
    
50. http://www.cyberwarnews.info/2011/11/30/bishop-mcdevitt-catholic-high-school-administrator-accounts-leaked/
    
51. http://pastebin.com/BjjzrXFE
    
52. http://www.cyberwarnews.info/2011/11/30/thereadersweb-com-and-www-parks-it-member-database-hacked-and-dumped/
    
53. http://pastebin.com/Xae5GMbm
    
54. http://www.cyberwarnews.info/2011/11/29/dump-of-accounts-from-humormillnews-com/
    
55. http://www.cyberwarnews.info/2011/11/30/big-dump-of-accounts-from-macromatic-com-and-relayspec-com/