Last Updated on January 23, 2016
It’s now time for the first chart of this 2015, a year that has begun in the worst way even from an Information Security perspective, given the high number of attacks recorded in the first half of January.
Unfortunately the sad events happened in Paris have inevitably conditioned this period: France has been the target of an unprecedented number of cyber attacks (approximately 19,000) allegedly carried on by Islamist hackers and strictly related with the events of the Charlie Hebdo. Nearly in contemporary, the Anonymous have declared war against the IS-IS and have taken down several Jiahdist sites. In the meantime the pro IS-IS hackers of the Cyber Caliphate have found the time to hijack the Twitter account of the CENTCOM: the US military command that oversees operations in the Middle East.
France has also been one of the main targets for Cyber Criminals, since the most remarkable breach of this two weeks has hit the shopping site of TF1, the most important local TV stations (nearly 2 million records possibly compromised). There is also indication of a possible attack to the Spanish affiliate of Orange, but it has not been confirmed.
Other noticeable events of this period concern a possible breach to the EA/Origin service, another (failed) attempt to blackmail a bank, perpetrated by the infamous Rex Mundi collective, and, on a different scale a massive malvertising campaign targeting sites with a combined total monthly traffic of around 1.5 billion visitors.
However, at least for once, I have not recorded events related to Cyber Espionage.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
- http://venturebeat.com/2014/12/30/hackers-are-breaking-into-origin-and-making-fraudulent-purchases/
- https://www.op.fi/op/op-pohjola-group/op-pohjola-group?cid=-66116&srcpl=4
- http://www.independent.co.uk/life-style/gadgets-and-tech/gaming/xbox-one-leak-could-allow-people-to-make-their-own-games-for-the-console-9951531.html
- http://pastebin.com/Wp8xCir3
- http://pastebin.com/SJc2xDr8
- http://pastebin.com/CbJuyzua
- http://www.techworm.net/2015/01/snookis-instagram-account-hacked-by-arabic-speaking-hackers.html
- http://www.connexionfrance.com/shoppers-data-hacked-tf1-magazine-subscription-website-16506-view-article.html
- http://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/11321499/Bristol-bus-timetable-hacked-by-terrorists.html
- http://www.scmagazine.com/attempted-access-to-fast-forward-academy-systems-puts-data-at-risk/article/390923/
- https://www.cyberguerrilla.org/blog/croatia-government-corruption-and-ukraine-prosecutor-general-office-massive-hack-leak-symantec-hackers/
- https://nakedsecurity.sophos.com/2015/01/06/mit-sites-defaced-in-lead-up-to-anniversary-of-aaron-swartzs-death/
- https://twitter.com/ulzr1z/status/551210327459631104
- http://hackread.com/united-nation-pakistan-website-hacked-free-syrian-hacker/
- http://www.straitstimes.com/news/singapore/more-singapore-stories/story/hospital-says-facebook-account-staff-anti-singaporean-co
- http://www.databreaches.net/universities-hacked-data-dumped-by-marxistattorney/
- http://arstechnica.com/security/2015/01/bitcoin-exchange-bitstamp-claims-hack-siphoned-up-to-5-2-million/
- http://www.zataz.com/10-millions-de-donnees-volees-a-orange-espagne/#axzz3NuauSVJs
- http://www.eastbourneherald.co.uk/news/local/security-breaches-over-christmas-on-police-s-website-1-6500878
- http://www.scmagazine.com/pro-isis-group-hijacks-twitter-accounts-of-local-media-outlets/article/391900/
- http://hackread.com/hackers-deface-two-more-ec-council-sub-domains/
- http://www.itv.com/news/tyne-tees/2015-01-06/sowerby-school-website-hacked/
- http://www.bloomberg.com/news/2015-01-09/hackers-demand-12-000-for-client-data-stolen-from-geneva-bank.html
- http://www.ibtimes.com/pro-russian-hacker-group-cyberberkut-claims-attack-german-government-websites-1775874
- http://webcache.googleusercontent.com/search?q=cache:-pps3WwGyGIJ:pastebin.com/igrhVWss+&cd=1&hl=en&ct=clnk&gl=uk
- http://www.databreaches.net/hirsche-private-asset-emergency-announcement-regarding-breach-of-it-security-by-hacker-group/
- http://www.databreaches.net/u-of-hawaii-and-cornell-university-hacked-by-marxistattorney/
- http://arstechnica.com/security/2015/01/8chan-related-sites-go-down-in-lizard-squad-powered-ddos/
- http://www.zdnet.com/article/malvertising-campaign-strikes-news-outlets-through-aol/
- http://www.techworm.net/2015/01/extratorrent-down-hackers-launch-ddos-attack.html
- http://arstechnica.com/security/2015/01/surprise-north-koreas-official-news-site-delivers-malware-too/
- http://kotaku.com/kim-jong-un-video-game-hacked-creators-claim-1678859600
- http://grahamcluley.com/2015/01/hacked-road-sign/
- http://www.tripwire.com/state-of-security/off-topic/anonymous-attacks-jihadist-websites/
- http://pastebin.com/Kf626EQj
- http://pastebin.com/PWx2rCM2
- http://www.couriermail.com.au/news/queensland/bundaberg-library-website-hacked-by-people-claiming-to-be-from-free-syrian-people/story-fnn8dlfs-1227181518953?nk=6e492609ecada6b9cfe30ae627da5a85
- http://www.bbc.co.uk/news/world-us-canada-30785232
- http://www.nydailynews.com/news/national/thousands-american-united-airlines-accounts-hacked-article-1.2075162
- https://nakedsecurity.sophos.com/2015/01/14/crayolas-facebook-page-hijacked-redrawn-in-nsfw-style/
- http://news.softpedia.com/news/Notepad-plus-plus-Releases-Je-suis-Charlie-Edition-Website-Gets-Defaced-469956.shtml
- http://www.theregister.co.uk/2015/01/12/boomerang_security_breach_fears_credit_card_details/
- http://pastebin.com/FdWHMA2U
- http://www.scmagazine.com/payment-cards-targeted-in-attack-on-pet-supplies-website/article/392821/
- http://pastebin.ca/2906107
- https://twitter.com/zyclonb4u/status/555202661331763200
- https://twitter.com/zyclonb4u/status/555158182050680832
- https://twitter.com/zyclonb4u/status/555178224050012161
- http://www.net-security.org/secworld.php?id=17832
- http://www.ibtimes.co.uk/politicians-military-personal-journalists-hacked-pirate-party-stunt-1483499
- http://hackread.com/ohio-city-website-hacked-by-free-syrian-hacker/
Pingback: Hackers, it was nice while it lasted - SMiD Cloud
Pingback: Hackers, it was nice while it lasted | SMiD Blog
Paolo, thanks for this great website!
I just read an article about a DDOS on 19000 french websites (number 49 in your list): It seems that the provider of all of these websites made a mistake (see https://twitter.com/oxalide/status/556058249838223360)
It was not a DDOS…
Harold, thanks for your note. The attack I am referring to is not the alleged one against Oxalide, but rather a wave of sparse DDoS attacks against French sites in the wake of the terror attack of Charlie Hebdo. It has received a lot of attention in the media. See for instance: http://mashable.com/2015/01/15/france-cyberattacks-charlie-hebdo/.
Nearly in contemporary many primary sites went offline, suggesting the hypothesis of a coordinated DDoS attack of the same matrix. However this hypothesis was ruled out by Oxalide, the affected ISP (see for isntance http://www.pcworld.com/article/2871712/french-newspapers-go-offline-but-hosting-company-rules-out-ddos-as-cause.html) and this is the link you are referring to.
Pingback: Actus Sécurité Grand public 2015 S04 | La Mare du Gof
Pingback: securitybundle.steria.fr/security.watch