Last Updated on November 30, 2020

It’s time to publish the second timeline of October, covering the main cyber attacks happened in the second half of the month, plus some additional events that occurred before this period, but were discovered or disclosed in the considered interval.

This timeline contains 119 events, so apparently the break in the previous timelines was just an illusion. Unsurprisingly ransomware plays an important role in these numbers: almost one out of three events is directly or indirectly related to this threat, which is undoubtedly characterizing this troubled 2020 from an infosec perspective. Even in this timeline you will find many high-profile entities whose data has been encrypted and allegedly fallen in the hands of the attackers in the so-called double extortion attacks. Additionally this period has seen an unprecedented wave of attacks against healthcare institutions carried out with the Ryuk malware.

Another event that characterizes this timeline is the 2020 US General Elections: at least four campaigns purportedly carried out by state-sponsored actors (like Iran and Russia) have tried to leverage this political event to spread misinformation. Another event related to the elections, but driven by criminal purposes, is the theft of $2.3 million from the Wisconsin Republican Party’s account used to help reelect President Donald Trump.

In any case the proximity of the elections influenced also the cyber espionage front, with multiple state-sponsored campaigns by new and old theat actors such as: APT28, APT31, APT35, Turla, Energetic Bear, and MuddyWater.

Last but not least, the days of the mega breaches are not gone: a threat actor has put on sell an aggregate total of 34 million user records that they claim were stolen from seventeen companies during data breaches.

As always, the details are in the timeline! Thanks for sharing it and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.