This infamous 2011 is nearly gone and here it is the last post for this year concerning the 2011 Cyber Attacks Timeline. As you will soon see from an infosec perspective this month has been characterized by two main events: the LulzXmas with its terrible Stratfor hack (whose effects are still ongoing with the recent release of 860,000 accounts), and an unprecented wave of breaches in China which led to the dump of nearly 88 million of users for a theoretical cost of nearly $19 million (yes the Sony brech is close). For the rest an endless cyberwar between India and Pakistan, some hactivism and (unfortunately) the usual amounts of “minor” breaches and defacement. After the page break you find all the references.
Last but not least… This post is my very personal way to wish you a happy new infosec year.
The more I look inside the Middle East Cyber War between Israel and the Arab Hackers, the more I realize that it follows exactly the same shape than the real conflict.
In particular this last week has seen a strong reduction of the cyber events between the involved parties, although it is not clear if this was due to stronger cyber defenses enforced, or it was rather a kind of “calm before the storm”.
Among the reported events I considered particularly meaningful the attack of InLightPress, a Palestinian news website, of whom I did not find any other report except the one quoted in the Infographic which comes from a Pro-Israeli Website (this is the reason why this event must be considered with the necessary caution). Maybe it is not directly related to the Middle East Cyber War, anyway it looks like this attack was not originated by Israeli hackers, but had rather been “commissioned” by the Palestinian Authority. In the real world political parties or movement have different wings (typically hawks and doves), it looks like this is true for the cyber world as well. On the other hand, some believe that also the attack carried on last week against the Israeli newspaper Haaretz, considered close to Pro-Palestinian movements, has an internal origin, that maybe explains the subsequent excuses by the alleged authors of the attack (BTW at the above link there is an interesting list of the hack published in pastebin by the Israeli Hackers).
Do you believe the descending trend of the cyber events will be confirmed in the next period, or it is rather a temporary cyber truce before the digital storm?
February 2012 brings a new domain for my blog (it’s just a hackmaggedon) and confirms the trend of January with a constant and unprecedented increase in number and complexity of the events. Driven by the echo of the ACTA movement, the Anonymous have performed a massive wave of attacks, resuming the old habits of targeting Law Enforcement agencies. From this point of view, this month has registered several remarkable events among which the hacking of a conf call between the FBI and Scotland Yard and the takedown of the Homeland Security and the CIA Web sites.
The Hacktivism front has been very hot as well, with attacks in Europe and Syria (with the presidential e-mail hacked) and even against United Nations (once again) and NASDAQ Stock Exchange.
Scroll down the list and enjoy to discover the (too) many illustrious victims including Intel, Microsoft, Foxconn and Philips. After the jump you find all the references and do not forget to follow @paulsparrows for the latest updates. Also have a look to the Middle East Cyberwar Timeline, and the master indexes for 2011 and 2012 Cyber Attacks.
Addendum: of course it is impossible to keep count of the huge amount of sites attacked or defaced as an aftermath of the Anti ACTA movements. In any case I suggest you a couple of links that mat be really helpful: