1-15 June 2013 Cyber Attacks Timeline

Here it is the first part of the June 2013 Cyber Attacks timeline covering the first half of the month.

This period has been characterized by the protests in Turkey, that, easy predictable, have also influenced the cyber landscape. Many attacks (in several cases even with noticeable impact) have been carried on in name of OpTurkey.

Other noticeable facts include the attacks against the European Police College (14,000 records affected), the Bangladeshi Air Force recruitment website (110,000 credentials affected), and, most of all, against the Danish Police which affected the country’s driver’s license database, social security database, the shared IT system across the Schengen zone, and the e-mail accounts and passwords of 10,000 police officers and tax officials.

Last but not least, the first two weeks of June has brought us yet another high profile cyber-espionage operation, dubbed NetTraveler.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2013 Cyber Atacks Timeline (more…)

Continue Reading1-15 June 2013 Cyber Attacks Timeline

1-15 July 2013 Cyber Attacks Timeline

I am quite in time with the list of the main Cyber Attacks occurred in the first half of July.

This period has been quite hard for the Video Games Industry with two noticeable events targeting Konami and Ubisoft (58 million of account potentially affected in this second case). Another noticeable breach involves the attack against the Italian Website of Sony, which lead to 40,000 records leaked.

Regarding hacktivism, Turkey keeps on being quite hot in this period, and not only for the Summer: several governmental targets have been hits by cyber attacks directly related to the OpTurkey initiative.

Last but not least: you will notice I have added a new column indicating the target country: for the sake of clarity, it refers to the nationality of the targeted organization and not to the geo-location of the targeted IP.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 July 2013 Cyber Attacks Timeline (more…)

Continue Reading1-15 July 2013 Cyber Attacks Timeline

16-30 June 2013 Cyber Attacks Timeline

It’s time for the second part of the June 2013 Cyber Attacks Timeline (first part here).

The last two weeks of June have been characterized by an unusual cyber activity in the Korean Peninsula. In a dramatic escalation of events (coinciding with the 63rd anniversary of the start of the Korean War), both countries have attracted the unwelcome attentions of hacktivists and (alleged) state-sponsored groups, being targeted by a massive wave of Cyber attacks, with the South suffering the worst consequences (a huge amount of records subtracted by the attackers).

On the hacktivism front, the most remarkable events involved some actions in Brazil and Africa, and the trail of attacks in Turkey that even characterized the first half of the month. The chronicles of the month also report an unsuccessful operation: the results of the so-called OpPetrol have been negligible (most of all in comparison to the huge expectations) with few nuisance-level attacks.

On the cyber crime front, the most remarkable events involved the attacks against Blizzard, that forced the company to temporarily close mobile access to its auction service, a serious breach against a Samsung service in Kazakhstan, a targeted attack against the internal network of Opera Software (aimed to steal code signing certificates) and several attacks to some DNS registrars. In particular the most serious has been perpetrated against Network Solutions, affecting nearly 5000 domains, among which LinkedIn.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 June 2013 Cyber Atacks Timeline (more…)

Continue Reading16-30 June 2013 Cyber Attacks Timeline

1-15 August 2013 Cyber Attacks Timeline

The first half of August has gone, so it is time for the Cyber Attacks Timeline summarizing the main events occurred in this period.

Looks like the massive breaches have decided to have a break during August. Although the first fifteen days have shown a remarkable number of attacks, no huge leaks have been recorded.

The only exception is the latest attack to the United States Department of Energy (14,000 individuals potentially affected) and the one targeting the Ferris State University with nearly 60,000 records potentially affected.

Other remarkable events include the attacks against Opscode and Crytek. In this latter case four websites have been temporarily taken down.

Last but not least, the Syrian Electronic Army is back in action, and its wave of Social Engineering attack has directly and indirectly hit many primary targets such as Channel 4 and the New York Post (via the hack to the SocialFlow platform).

Important: this period has also seen an high cyber activity between India and Pakistan. The attacks deserve a dedicated timeline to be published very soon. So they will not appear in this timeline.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 August 2013 Cyber Attacks Timeline Addendum (more…)

Continue Reading1-15 August 2013 Cyber Attacks Timeline

Timeline of Cyber Attacks in Conjunction with the Pakistan and India Independence Days

As I previously mentioned in the 1-15 August Cyber Attack Timeline, I decided to build a dedicated timeline for the Cyber Attacks between India an Pakistan happened during the month of August as they reached an unusual peak in conjunction with the occurrence of the Independence Days in Pakistan (14 August), and India (15 August).

Actually the relationships between the two countries are not what I would define idyllic, and to confirm this scenario, a huge cyber espionage operation against BSNL the Indian state-owned Telco company, has recently surfaced. In any case, easily predictable, hackers of both sides contributed to add further fuel to the fire with an unusual peak of attacks concentrated around the dates of the Independence Days. These attacks have not the sophistication typical of state-sponsored operations, since are mainly “limited” to defacements (so the damage is more symbolic than practical). However, in several cases the targets are of very high profile (as in the case of the Facebook pages of the Pakistan Army).

A short (probably non-exhaustive) summary follows:

India Pakistan TL

Also notice that during the same Period Pakistan was targeted by an unprecedented wave of Cyber Attacks by Afghan Hackers.

Pakistan Afghanistan

This is indeed quite curious since the attacks came nearly in contemporary of the first football match between the two countries in Kabul after 36 years (and the first home match of the Afghanistan national team after 10 years). For the chronicle, in the real world, Afghanistan’s footballers have won 3-0 over Pakistan.

(more…)

Continue ReadingTimeline of Cyber Attacks in Conjunction with the Pakistan and India Independence Days

16-31 August 2013 Cyber Attacks Timeline

August is gone (and unfortunately the Summer is also reaching the end), so it is time to analyze what happened in the Cyber Space during the second half of this month.

Apparently the hacktivism has been the most influencing factor of the last two weeks on the wake of the sad events happening in Syria, which also influenced the Cyber Space from both sides (loyalists represented by the Syrian Electronic Army and rebels represented by the Anonymous). Other events influencing the landscape include the protests in Turkey, Colombia, Gabon and (marginally) Egypt, which also had some echoes in the Cyber Space.

On the Cyber Crime front the chronicles report the breaches against the RPG League of Legends (million of users theoretically at risk), the Estate Agent Foxtons (10,000 records allegedly compromised) and Pizza Hut Spain and Malta (7,000 records leaked) and a controversial attack to Twitter (nearly 18,000 accounts leaked purportedly belonging to Turkish users).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 August 2013 Cyber Attacks Timeline

(more…)

Continue Reading16-31 August 2013 Cyber Attacks Timeline

1-15 October 2013 Cyber Attacks Timeline

It’s time to review the list of the main cyber attacks happened during the first half of October.

Of course there are few doubts: the breach involving Adobe (compromising the details of 3 million customers and the source code of two products) is for sure the most remarkable event of the month (and probably of the year), and its consequences will likely affect the Infosec landscape for long. In addition it overshadowed all the other events occurred so it is quite hard to summarize the threat landscape of the first 15 days of October.

In a nutshell, these two weeks have brought an unprecedented number of DNS Hijackings and several considerable breaches (however not comparable in size and impact with the one affecting Adobe). At first glance, looks like the number of attacks motivated by Cyber Crime is constantly increasing and leaving behind Hacktivism.

Last but not least, curiously, for this couple of weeks, I did not find any remarkable operations motivated by Cyber Espionage.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 October 2013 Cyber Attacks Timeline

(more…)

Continue Reading1-15 October 2013 Cyber Attacks Timeline

1-15 June 2014 Cyber Attacks Timeline

It just looks like attackers are enjoying the beginning of the Summer, since the first half of June confirms the decreasing trends.

The controversial 2014 World Cup has revived the hacktivists, and in particular the Anonymous collective who kicked off the Operation OpWorldCup, targeting Brazilian Governmental institutions and Sponsors of the World Cup.

Looking at the Cyber Crime, the most remarkable event of the month is the extortion attempt against  Belgian and French customers of Domino’s Pizza (650,000 users affected). It is also worth to mention the wave of DDoS attacks against Feedly and Evernote, in the first case motivated by extortion, and also the compromising of a US Army database in South Korea.

Last but not least, chronicle report the details of two Cyber Espionage Operations: Operation Molerat, originating allegedly from Middle East, and yet another one from China, discovered by Crowdstrike and attributed to a group dubbed Putter Panda.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2014 Cyber Attacks Timeline

(more…)

Continue Reading1-15 June 2014 Cyber Attacks Timeline