1-15 December 2015 Cyber Attacks Timeline
If you believed (or maybe hoped) that the Christmas atmosphere could curb the crooks' intentions, you will be disappointed: the…
Top 20 Breaches of 2015
This year has been characterized by multiple security events of noticeable size, and the last days of December are the…
Take the Money and (Possibly) Run: Most Devastating Hacks of 2015
The number of compromised accounts is an interesting metric to measure the impact of a cyber attack (here a list of the top 20 most devastating breaches occurred in 2015), but there are cases in which single individuals or organizations become victims of hackers for a specific purpose: take the money (as much as possible) and (possibly) run.
This year has seen many different ways to accomplish this task: one-time fraudulent money transfers, dating scams, or long lasting sophisticated campaigns (just like the Carbanak example). Different ways and different outcomes either, since, unfortunately for the attackers, not all the operations turned into an happy ending for them.
In the following gallery (after the Read More Tag you also find the table and chart) I have collected the top 10 hacks happened in 2015 which resulted in the maximum “revenue” for the attackers (and loss of money for the victims). In several cases they were successful, in other cases the alleged authors are about to be sentenced, in all cases, the attackers showed no mercy in their purpose to steal as much as possible from their designated victims.
[smartslider3 slider=3]
All logos are property of the respective brands.
1-15 January 2015 Cyber Attacks Timeline
It’s now time for the first chart of this 2015, a year that has begun in the worst way even from an Information Security perspective, given the high number of attacks recorded in the first half of January.
Unfortunately the sad events happened in Paris have inevitably conditioned this period: France has been the target of an unprecedented number of cyber attacks (approximately 19,000) allegedly carried on by Islamist hackers and strictly related with the events of the Charlie Hebdo. Nearly in contemporary, the Anonymous have declared war against the IS-IS and have taken down several Jiahdist sites. In the meantime the pro IS-IS hackers of the Cyber Caliphate have found the time to hijack the Twitter account of the CENTCOM: the US military command that oversees operations in the Middle East.
France has also been one of the main targets for Cyber Criminals, since the most remarkable breach of this two weeks has hit the shopping site of TF1, the most important local TV stations (nearly 2 million records possibly compromised). There is also indication of a possible attack to the Spanish affiliate of Orange, but it has not been confirmed.
Other noticeable events of this period concern a possible breach to the EA/Origin service, another (failed) attempt to blackmail a bank, perpetrated by the infamous Rex Mundi collective, and, on a different scale a massive malvertising campaign targeting sites with a combined total monthly traffic of around 1.5 billion visitors.
However, at least for once, I have not recorded events related to Cyber Espionage.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
16-31 January 2015 Cyber Attacks Timeline
It’s time for the second part of the January Cyber Attacks Timeline (Part I here).
In comparison with the first half of the month, in absolute terms, these two weeks have seen a slightly smaller number of attacks. However, even if the general trend has shown a decrease, the hacktivists (most of all the pro-Islamist ones) have been equally very active (and the French evening newspaper Le Monde, fallen under the keystrokes of the infamous Syrian Electronic Army, is the most illustrious victim).
Turning the attention to Cyber Crime, the most important event related to this category is probably the leak of 700,000 accounts from the Australian travel insurer Aussie Travel Cover. Of course there are many other background events, but no one reached an impact as noticeable as that.
Last but not least, I have not recorded noticeable events or campaigns related to Cyber Espionage.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
1-15 February 2015 Cyber Attacks Timeline
I was delivering to Anthem the very unwelcome prize for the first massive breach of 2015, when the Operation Carbanak has brought an unexpected tail to this first half of February.
These two events have undoubtedly characterized this timeline and overshadowed all the others: on one hand, a massive cyber attack (allegedly carried on by Chinese hackers) targeting one of the largest US ensurers, able to scoop up 80 million records. On the other hand, a sophisticated long lasting campaign, stealing more than $300 million on 100 banks in 30 nations.
It is very hard to choose which one deserves the (not so) coveted prize, in any case a consideration is worth: there could not have been a worst way to begin this 2015 Infosec year.
Moving on along the timeline, other interesting events appear, such as the compromising of the Forbes web site (again Flash is on the spot) by a Chinese APT Group dubbed Codoso, a “mobile tail” of the Operation Pawn Storm, now spreading to iOS devices, and eventually an unprecedented campaign targeting Syrian rebels using a combination of fake social media and Skype accounts associated with fictional female characters.
In background, as usual, multiple events driven by hacktivism, whose most remarkable one is undoubtedly the massive campaign carried on by the Anonymous collective, aimed to erase hundreds of pro-ISIS accounts and profiles from the Cyber Space (in particular from Facebook and Twitter).
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
16-28 February 2015 Cyber Attacks Timeline
It’s time for the second timeline of February (first timeline here) covering the main cyber attacks occurred between 16 and 28 February 2015 (including also several few attacks that actually happened in the first 15 days).
With only 13 days available, this is normally the timeline with less activity. Not this year actually, since despite the shorter period, the number of reported attacks is undoubtedly remarkable.
If you look at the targeted attacks, you’ll be spoiled for choice: several remarkable operations (The Equation Group setting new standards in term of sophistication, Operation Rapid Viper against Israel and Operation Desert Falcons against several companies and individuals in Middle East), and a cyber attack, purportedly originating from China against the Dutch Chip Manufacturer ASML.
Even looking at Cyber Crime, you’ll be spoiled for choice as well. The Lizard Squad is back with an original retaliation against Lenovo, in the wake of the Superfish affair: they hacked the registrar that procured the Lenovo address, using that illegitimate access to hijack, shortly after, the lenovo.com domain. Other remarkable events include the admission of a breach by TalkTalk, involving potentially 4 million customers, a breach to Uber, putting at risk 50,000 past and present drivers, and other two cases of Bitcoin Exchange sites hacked (in particular Canada based Cavirtex is forced to shut down, whereas the losses for the Chinese Bter amount to $1.75 million.
Last but not least, nothing particular meaningful to mention for what concerns hacktivism: several sparse operation with no significant impact.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
1-15 March 2015 Cyber Attacks Timeline
Spring is at the door, and finally the endless winter is coming to an end. I am just wondering if the crooks are starting to enjoy the first rays of sun, given the relatively low level of attacks in the first half of March.
Effectively, for the first time since several months, no massive breaches have been recorded. But don’t get carried away: the second half of March has begun in the worst possible way with the gigantic breach suffered by Premera (definitely a deja vu).
In any case, during the first half of the month, there have been several remarkable attacks driven by criminal intentions, however none of them has achieved the levels we have been used to in the previous months (not for long unfortunately).
Shifting to hacktivism, the Pro-Palestinian collective Anonghost was back in action, and even the Anonymous were back from stealth mode. However the most active actors have been the pro-isis hackers, who have defaced hundreds of Western sites, forcing the FBI to investigate these incidents. It is impossible to count all the victims, so just a special mention for them.
The Cyber Espionage has maybe offered the most peculiar attack, consisting in the hijacking of the internet traffic for 167 important British Telecom customers (including a UK defense contractor) towards Ukraine, before reaching their final destination. Even if the key question probably remains unsolved: was this a gigantic routing blunder or a very large scale attack?
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
16-31 March 2015 Cyber Attacks Timeline
I am back in business after a short vacation period (now and then it happens!), just in time to publish the second Cyber Attack timeline of March (the first one is here), which confirms the growing trend we have been experiencing in 2015.
Two weeks packed with events, started in the worst possible way, with the massive cyber attack against Premera Blue Cross (11 million customers affected), and continued with the same baffling trend, since the list of organizations targeted by massive breaches, includes other primary companies such as British Airways, Slack and Twitch (an Amazon-owned game video streaming service).
Two weeks that also saw a sustained DDoS attack against GitHub, the discovery of several campaigns (Operation Woolen-Goldfish, the Trojan.Loziak malware targeting oil and gas companies, and the Volatile Cedar campaign originating in Lebanon), and also an official statement issued by the South Korean government, blaming North Korea for the network intrusions that stole data from Korea Hydro and Nuclear Power (KHNP).
In background, the usual sea of smaller events driven by hacktivism or cybercrime.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
1-15 April 2015 Cyber Attacks Timeline
Spring is sprung, but unfortunately the nice season is not enough to keep the crooks’ hands off their keyboard, as the growing trend continues, and this first half of April has shown a sustained number of attacks.
The most illustrious victim is Lufthansa, whose frequent-flyers website has been hacked, with the attackers able to harvest miles from the unaware victims. Other noticeable events, always related to cyber crime, include the compromise of Linux Australia, and the discovery of Operation Buhtrap, a campaign targeting Russian banks.
But it’s maybe the cyber espionage front, the one that offered the most interesting events over the past two weeks. Chronicles reports a Russian intrusion inside the White House, the discovery of APT30, a decade-long state-sponsored campaign targeting South-East Asian assets, and the first example of an APT-to-APT campaign, something fairly more complex than a simple skirmish between Hellsing and Naikon, two enemy gangs.
Last but not least the Hacktivism has offered some remarkable events either. The most devastating has happened in France, where Pro-ISIS hackers have taken off TV5Monde, a national broadcast. And that’s not been the only one, since other minor defacements, carried on by Islamist hackers, have interested targets all over the world. Among the victims of this tide of attacks there is also the official Vatican website, despite the reason of the attack is a retaliation against the words of Pope Francs, who used the term ‘genocide’ to refer the mass killing of Armenians by Turks.
The 7th of April was also an important date for the hacktivists all around the world. Each year in this day, they reunite their efforts against a single target: Israel, which becomes the victim of the so-called OpIsrael. Of course this punctually happened, but just like the past year, the damages were marginal.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
