1-15 May 2013 Cyber Attacks Timeline

And here we are with our bi-weekly review of the main cyber attacks. This time is the turn of the first half of May.

Probably this month will be remembered for the huge cyber-heist against two Payment Processors, and affecting two banks (National Bank of Ras Al-Khaimah PSC in the United Arab Emirates and the Bank of Muscat in Oman), which suffered a massive loss of $45 million due to an endless wave of unlimited withdrawals from their ATMs.

Other relevant actions related to Cyber-criminal operations include the massive breaches against MSI Taiwan (50,000 records affected) and most of all, the Washington state Administrative Office of the Courts (up to 160,000 SSN and 1 million driver’s license numbers).

On the other hand, the hacktivists concentrated their efforts on the so-called OpUSA (7 May), even if it looks like that most of the attacks were nuisance-level. Instead, and this is a great news, after months of intense activity, the operation Ababil come to a stop.

On the cyber war front, this month reports an unedited conflict between Taiwan and Philippines.

Last but not least, even if this attack dates back to 2007, on the Cyber-Espionage front, Bloomberg has shaken this lazy month revealing the repeated attacks by the infamous Comment Crew hackers against Qinetiq, a very critical Defense contractor. The cyber threats from the Red Dragon (real or alleged) keep on scaring the western world.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

May 2013 Cyber Attacks Timeline Part I (more…)

Continue Reading1-15 May 2013 Cyber Attacks Timeline

1-15 June 2013 Cyber Attacks Timeline

Here it is the first part of the June 2013 Cyber Attacks timeline covering the first half of the month.

This period has been characterized by the protests in Turkey, that, easy predictable, have also influenced the cyber landscape. Many attacks (in several cases even with noticeable impact) have been carried on in name of OpTurkey.

Other noticeable facts include the attacks against the European Police College (14,000 records affected), the Bangladeshi Air Force recruitment website (110,000 credentials affected), and, most of all, against the Danish Police which affected the country’s driver’s license database, social security database, the shared IT system across the Schengen zone, and the e-mail accounts and passwords of 10,000 police officers and tax officials.

Last but not least, the first two weeks of June has brought us yet another high profile cyber-espionage operation, dubbed NetTraveler.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2013 Cyber Atacks Timeline (more…)

Continue Reading1-15 June 2013 Cyber Attacks Timeline

16-30 June 2013 Cyber Attacks Timeline

It’s time for the second part of the June 2013 Cyber Attacks Timeline (first part here).

The last two weeks of June have been characterized by an unusual cyber activity in the Korean Peninsula. In a dramatic escalation of events (coinciding with the 63rd anniversary of the start of the Korean War), both countries have attracted the unwelcome attentions of hacktivists and (alleged) state-sponsored groups, being targeted by a massive wave of Cyber attacks, with the South suffering the worst consequences (a huge amount of records subtracted by the attackers).

On the hacktivism front, the most remarkable events involved some actions in Brazil and Africa, and the trail of attacks in Turkey that even characterized the first half of the month. The chronicles of the month also report an unsuccessful operation: the results of the so-called OpPetrol have been negligible (most of all in comparison to the huge expectations) with few nuisance-level attacks.

On the cyber crime front, the most remarkable events involved the attacks against Blizzard, that forced the company to temporarily close mobile access to its auction service, a serious breach against a Samsung service in Kazakhstan, a targeted attack against the internal network of Opera Software (aimed to steal code signing certificates) and several attacks to some DNS registrars. In particular the most serious has been perpetrated against Network Solutions, affecting nearly 5000 domains, among which LinkedIn.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 June 2013 Cyber Atacks Timeline (more…)

Continue Reading16-30 June 2013 Cyber Attacks Timeline

1-15 July 2013 Cyber Attacks Timeline

I am quite in time with the list of the main Cyber Attacks occurred in the first half of July.

This period has been quite hard for the Video Games Industry with two noticeable events targeting Konami and Ubisoft (58 million of account potentially affected in this second case). Another noticeable breach involves the attack against the Italian Website of Sony, which lead to 40,000 records leaked.

Regarding hacktivism, Turkey keeps on being quite hot in this period, and not only for the Summer: several governmental targets have been hits by cyber attacks directly related to the OpTurkey initiative.

Last but not least: you will notice I have added a new column indicating the target country: for the sake of clarity, it refers to the nationality of the targeted organization and not to the geo-location of the targeted IP.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 July 2013 Cyber Attacks Timeline (more…)

Continue Reading1-15 July 2013 Cyber Attacks Timeline

16-31 August 2013 Cyber Attacks Timeline

August is gone (and unfortunately the Summer is also reaching the end), so it is time to analyze what happened in the Cyber Space during the second half of this month.

Apparently the hacktivism has been the most influencing factor of the last two weeks on the wake of the sad events happening in Syria, which also influenced the Cyber Space from both sides (loyalists represented by the Syrian Electronic Army and rebels represented by the Anonymous). Other events influencing the landscape include the protests in Turkey, Colombia, Gabon and (marginally) Egypt, which also had some echoes in the Cyber Space.

On the Cyber Crime front the chronicles report the breaches against the RPG League of Legends (million of users theoretically at risk), the Estate Agent Foxtons (10,000 records allegedly compromised) and Pizza Hut Spain and Malta (7,000 records leaked) and a controversial attack to Twitter (nearly 18,000 accounts leaked purportedly belonging to Turkish users).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 August 2013 Cyber Attacks Timeline

(more…)

Continue Reading16-31 August 2013 Cyber Attacks Timeline