Last Updated on May 24, 2015

Part One with 1-15 September 201 Timeline Here.

September is over and it’s time to analyze this month from an Information Security perspective with the second part of the Cyber Attack Timeline.

Probably this month will be remembered for the massive outage of six  U.S. Banks (Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC ) caused by a wave of DDoS attack carried on by alleged Muslim hackers in retaliation for the infamous movie (maybe this term is exaggerated) “The Innocence of Muslims”.

China has confirmed its intense activity inside the Cyber space. Alleged (state-sponsored?) Chinese hackers were allegedly behind the attack to Telvent, whose project files of its core product OASyS SCADA were stolen after a breach, and also behind a thwarted spear-phishing cyber attack against the White House.

Adobe suffered a high-profile breach which caused a build server to be compromised with the consequent theft of a certificate key used to sign two malware strains found on the wild (with the consequent necessary revoke of the compromised key affecting approximately 1,100 files).

Last but not least, the Hacktivism fever has apparently dropped. September has offered some attacks on the wake of the #OpFreeAssange campaign, and a new wave of attacks at the end of the month after the global protests set for September, the 29th, under the hashtag of #29s.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

  1. http://news.softpedia.com/news/Mexican-Hosting-Company-Breached-1-169-Sites-Defaced-by-Bangladeshi-Hackers-292676.shtml
  2. http://ozdc.net/archives.php?aid=3333
  3. http://news.softpedia.com/news/Hackers-Attract-Attention-of-Cambridge-University-by-Leaking-Over-4-000-Accounts-292584.shtml
  4. http://www.cyberwarnews.info/2012/09/17/collage-of-the-mainland-hacked-data-leaked-by-_s0lar_/
  5. http://news.thehackernews.com/231
  6. http://ozdc.net/archives.php?aid=3368
  7. http://www.secureworks.com/research/threats/the-mirage-campaign/
  8. http://www.theregister.co.uk/2012/09/19/chase_website_outage/
  9. http://www.reuters.com/article/2012/09/21/us-iran-cyberattacks-idUSBRE88K1AR20120921
  10. http://www.csoonline.com/article/717358/hacktivists-strike-u.s.-bank-with-volunteer-powered-ddos
  11. http://www.cyberwarnews.info/2012/09/18/lince-toyota-hacked-5632-personal-details-leaked/
  12. http://www.theregister.co.uk/2012/09/19/chase_website_outage/
  13. http://www.theglobeandmail.com/news/world/chinese-cyber-attacks-hit-japan-over-islands-dispute/article4553048/
  14. http://ozdc.net/archives.php?aid=3371
  15. http://ozdc.net/archives.php?aid=3372
  16. http://www.cyberwarnews.info/2012/09/20/torrent-site-revtt-hacked-50k-user-account-credentials-leaked/
  17. http://news.softpedia.com/news/RevTT-Administrators-Site-Was-Not-Hacked-Your-Account-Is-Secure-294168.shtml
  18. http://ozdc.net/archives.php?aid=3375
  19. http://news.softpedia.com/news/Hackers-Leak-User-Details-from-American-Chamber-of-Commerce-in-France-294151.shtml
  20. http://ozdc.net/archives.php?aid=3408
  21. http://nakedsecurity.sophos.com/2012/09/21/hacker-empties-poker/
  22. http://www.databreaches.net/?p=25358
  23. http://news.softpedia.com/news/US-Department-of-Agriculture-Sites-Hacked-in-Protest-Against-Mohammed-Movie-293926.shtml
  24. http://ozdc.net/archives.php?aid=3403
  25. http://ozdc.net/archives.php?aid=3401
  26. http://www.zdnet.com/au/hackers-deface-old-uts-system-dump-user-database-7000004694/
  27. http://www.cyberwarnews.info/2012/09/23/asus-italy-hacked-site-defaced-thousands-of-client-details-leaked/
  28. http://www.cyberwarnews.info/2012/09/22/australian-attorney-general-websites-attacked-for-opfreeassange/
  29. http://ozdc.net/archives.php?aid=3383
  30. http://ozdc.net/archives.php?aid=3395
  31. http://ozdc.net/archives.php?aid=3432
  32. http://ozdc.net/archives.php?aid=3395
  33. http://news.thehackernews.com/26
  34. http://news.softpedia.com/news/Twitter-Accounts-of-John-Cena-John-Morrison-Steve-O-Other-Celebs-Hacked-294370.shtml
  35. http://www.kjrh.com/dpp/news/problem_solvers/threat-from-hacking-of-city-of-tulsas-website-extends-beyond-the-city-limits
  36. http://ozdc.net/archives.php?aid=3422
  37. http://ozdc.net/archives.php?aid=3436
  38. http://news.softpedia.com/news/Anonymous-Takes-Down-Site-of-Greek-Neo-Nazi-Golden-Dawn-Party-294931.shtml
  39. http://news.softpedia.com/news/Spain-s-National-Police-Site-Down-as-Anonymous-Joins-Anti-Government-Protests-294850.shtml
  40. http://news.thehackernews.com/101
  41. http://www.zdnet.com/sourceforge-mirror-compromised-backdoor-slipped-into-phpmyadmin-7000004819/
  42. http://krebsonsecurity.com/2012/09/chinese-hackers-blamed-for-intrusion-at-energy-industry-giant-telvent/
  43. http://nakedsecurity.sophos.com/2012/09/27/banks-targeted-ddos-attacks/
  44. http://www.cutimes.com/2012/09/28/ddos-hacker-attacks-on-banks-escalating
  45. http://www.thehacknews.com/foxconns-official-site-has-been-hacked-by-hmei7/
  46. http://hackmageddon.com/2012/09/28/adobe-persistent-threat/
  47. http://news.softpedia.com/news/US-Bank-PNC-Websites-Target-of-DDOS-Attacks-Launched-by-Izz-ad-Din-al-Qassam-295288.shtml
  48. http://www.reuters.com/article/2012/09/29/us-hacking-energy-idUSBRE88S01B20120929
  49. http://ozdc.net/archives.php?aid=3451
  50. http://news.thehackernews.com/226
  51. http://www.cyberwarnews.info/2012/09/30/hello-hello-language-learning-website-hacked-38000-user-credentails-leaked/
  52. http://hackmageddon.com/2012/10/01/the-white-house-and-the-red-dragon/

This Post Has 2 Comments

  1. Paolo Passeri

    Hi Craig,

    Sorry my apparent silence, but I was quite busy in the last period. However this did not prevent me to have a look at your awesome reports.

    Thanks for quoting me and of course you may use the stats and the other material.

    Ciao.

    Paolo.

  2. Craig Rosewarne

    Hello Paolo

    Long time no speak. Did you manage to have a look at our SA Cyber Threat Barometer? http://www.wolfpackrisk.com/research/south-african-cyber-threat-barometer/

    Notice your section with links back to your site in the report?

    Another point I wanted to ask you – we are looking at bringing out a bi-monthly digital information security magazine for Africa and I wanted to have a section in there on incidents and wanted to know if I could continue to add in your stats + select from your blog postings as well. I will of course credit source back to you (as usual)

    Happy with this arrangement?

    Regards

    Craig

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.