Let’s open this infosec 2018 with the first cyber attacks timeline covering the main events occurred between January 1st and January 15th, which brings in a novelty with regards to the taxonomy of the target classes. As a matter of fact, in order to facilitate the classification, as suggested by some readers, I have decided to adopt the International Standard Industrial Classification, with a small modification to take into account the cases when the targets are multiple, or single individuals.
That being said, let’s have a quick look at the main events (as usual scroll down the list for additional details).
So the beginning of the year confirms that cryptocurrencies are the new gold for criminals: this fortnight has recorded an attack to a crypto wallet (BlackWallet), and the discovery of four botnets/operations aimed to mine cryptocurrencies from the victim’s machines.
The 2018 unwelcome list of the mega breaches is opened by Health South-East RHF, the healthcare organization that manages hospitals in Norway’s southeast region, victim of an attack affecting over 2.9 million individuals.
Despite all the countermeasures, Android malware confirms its momentum (a fake Uber app, some fake security apps, and the first example of a malware written in Kotlin are only few examples).
Last but not least, the Olympic Games have not started yet, and a campaign targeting them (Operation PowerShell Olympics) has already been uncovered. In the meantime. Meanwhile APT28 (AKA Fancy Bear, AKA PawnStorm) continues to be quite active, similarly to Turla, on the spot again with a new campaign targeting embassies and consulates in East Europe with a fake Flash update.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015, 2016 , and 2017 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.