New year, new Cyber Attacks Timeline. Let us start our Information Security Travel in 2012 with the chart of the attacks occurred in the first fifteen days of January. This month has been characterized so far by the leak of Symantec Source Code and the strange story of alleged Cyber Espionage revolving around it. But this was not the only remarkable event: chronicles tell the endless Cyber-war between Israel and a Saudi Hacker (and more in general the Arab World), but also a revamped activity of the Anonymous against SOPA (with peak in Finland). The end of the month has also reserved several remarkable events (such as the breaches to T-Mobile and Zappos, the latter affecting potentially 24,000,000 of users). In general this has been a very active period. For 2012 this is only the beginning, and if a good beginning makes a good ending, there is little to be quiet…
Browse the chart and follows @paulsparrows to be updated on a biweekly basis. As usual after the jump you will find all the references. Feel free to report wrong/missing links or attacks.
I tried to summarize the chain of events that is characterizing the Cyber Escalation in the Middle East. I collected the information from several sources in order to provide a detailed picture of what is happening between Israel and the Arab Countries since the initial claim of 0xOmar. Observing the evolution of the chart, the Cyber conflicts seems to follow the same rules than real wars: innocent victims, propaganda and psyops, different paths of escalation and guerrilla tactics. This Cyber Conflict in Middle East is probably crossing the line: from now the landscape will not be the same anymore.
From the initial action of 0xOmar to the Israeli reaction, passing through the declaration of Cyber Jihad (the chart is updated to Sunday, the 22nd of January), (too) many events have happened, involving different hacking crews, different countries (also some French and Canadian web sites have been defaced) and different kind of attacks. What was started as an endless chain of massive leaks seems to be evolving as isolated actions typical of guerrilla.
Follow the line of a Cyber conflict that, similarly to the real one occurring in the Middle East, appears far from being solved…
The #OpMegaupload and its subsequent Cyber Attacks all over the world, are diverging the attention from what is happening in the Middle East where the Cyber Conflict between Arab and Israeli Hackers is proceeding at an apparently unstoppable pace which forced me to post an update for the events occurred in the last week.
The rapid escalation of personal information leaks which characterized in the first two weeks of January has slightly changed shape, being replaced in the third week by Defacements and DDoS campaigns (targeting also the web sites of two Israeli Hospitals, as to say that a Cyber Geneva Convention is needed). Other dumps has also occurred, but not of the same scale as the first two weeks of January.
Besides the mutual DDoS and defacements to each other web sites, so far a quick calculation shows that since the beginning of this cyber war Arab Hackers have dumped more than 410,000 Credit Cards and 170,000 accounts, while the Israeli Counterparts have published approximately 11,000 Credit Cards, details of 140,000 individuals and 105,000 emails. Even if these data have to be taken with attention since many records have proven to be duplicated or fake, one consideration is clear: even Cyber Wars have their digital casualties.
Click here for the Middle East Cyber War Master Index with the Complete Timeline.
This week of Cyber War on the Middle East front, has shown a slight change on the Cyber Conflict trend. For the first time since January, psyops have deserved a primary role, maybe on the wake of the video released by the Anonymous against Israel one week ago. Not only the Jerusalem Post calls the video into question, but also argues that it may have been forged by Iran, identifying a state sponsored impersonation behind the entry of Anonymous in this cyber war.
But this has not been the only psyops event as an alleged message from Mossad to the Anonymous has appeared on pastebin, whose beginning sounds like a dark warning: If you want to be a hero start with saving your own lives. Although there are many doubts on its truthfulness, it deserves a particular attention since outlines a new age on psyops, what I call “pastebin psyops”.
But a war is not made only of psyops, so this week has also seen more hostile actions, among which the most remarkable one has been the leak of 300,000 accounts from Israeli Ministry of Construction and Housing. This action had been preannounced by a wave of attacks on primary Israeli sites (which targeted also the PM site), and most of all, has been carried on by 0xOmar, the absolute initiator of this cyber conflict.
Palestine has been targeted as well, and it is really interesting to read under this perspective a statement by Ammar al-Ikir, the head of Paltel, the Palestinian telecommunications provider according to whom cyber attacks on Palestinian websites and internet servers have escalated since Palestine joined UNESCO.
On the Iranian front chronicle report of a failed cyber attacks againstPress TV, Iran’s English-language 24-hour news channel and most of all of a controversial statement by Gholam Reza Jalali, a senior Iranian military official in charge of head of the Iranian Cyber Intelligence, according to whom the country’s nuclear facilities have finally been made immune to cyber attacks. And it is not a coincidence that in this week Iran has kicked off the first national conference on Cyber Defense. A matter that deserves a special attention by Tehran because of the growing number of attacks on Iran’s cyber space by US and Israel. On the other hand, Israel did a similar move one month ago, at very early stage of the cyber conflict.
This last week has seen some remarkable events an undoubtable revamp of data leaks inside the Middle East Cyberwar.
Not only the infamous 0xOmar, the initiator of the Middle East Cyber War, reappeared, leaking alleged secret data from some Israeli Virtual Israeli Air Force School websites; but also the Pakistani zCompany Hacking Crew has re-entered the scene unchaining the original weapon, that is the Credit Card leak. As a matter of fact ZHC published 5,166 records containing working credit cards, usernames, emails and addresses of individual supporters of the Zionist Organisation of UK & Ireland (zionist.org.uk).
On a different front, the massive defacements of websites all over the world in support of #OpFreePalestine continued. Under the label of the same operation, the Anonymous also “doxed” several companies and individuals on pastebin.
As far as the two main contenders (Iran and Israel) are concerned, the strategies seem quite different.
Iran has shown a cyber activity culminated in the alleged attack against the BBC Persian Service. For this nation, it is also important to notice its “cyber autarky”, maybe a choice forced by the embargo, that led to the creation of an internal email service, in contrast to the traditional Gmail, Yahoo, etc. This happens few weeks after the decision to develop an internal Antivirus.
On the opposite front, Israel keeps on its apparent cyber silence. Is it the prelude for the feared military action against Iran?
If you want to be constantly updated on the Middle East Cyber War, at this link you find the complete timeline. Also follow @paulsparrows on Twitter for the latest updates!
Here it is the usual compilation for the Cyber Attacks in the first half of September, a period which has apparently confirmed the revamping of hacktivism seen in August.
Several operations such as #OpFreeAssange (in support of Julian Assange), #OpTPB2 against the arrest of The Pirate Bay Co-Founder Gottfrid Svartholm Warg, and #OpIndipendencia in Mexico have characterized the first half of September. Curiously the hacktivists have also characterized this period for a couple of controversial events: the alleged leak of 1 million of UDIDs from FBI (later proven to be fake) and the alleged attack to GoDaddy (later proven to be a network issue, that is the reason why I not even mentioned it in this timeline). Other actions motivated by hacktivists have been carried on by Pro-Syrian hackers.
From a Cyber Crime perspective, there are two events particularly interesting (even if well different): the alleged leak of Mitt Romney’s tax returns and yet another breach against a Bitcoin Exchange (Bitfloor), worthing the equivalent of 250,000 USD which forced the operator to suspend the operations.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).