March 2012 Cyber Attacks Timeline (Part I)
The first half of March is gone, and here it is the Timeline of the main Cyber Attacks for this…
April 2012 Cyber Attacks Timeline (Part II)
Here the first part covering the cyber attacks from 1 to 15 April.
April is over and here it is the second half of the Cyber Attacks Timeline covering the time period spanning from 16 to 30 april 2012.
The last two weeks of this month have been characterized by several remarkable events (at least for the newspapers), such as the #OpBahrain which unleashed a trail of attacks from the Anonymous against websites related to the Formula 1 GP in Bahrain. Other noticeable events triggered by hacktivism include several DDoS attacks against CIA, MI6, Department of Justice, and a couple of Law Enforcement Agencies which continue to be a preferred target for hackers.
On the Cyber Crime front (still the major apparent motivation for the attacks) this month reports, among the events, a breach to Nissan and other DDoS attacks against the District of Columbia, the State of Washington and Nasdaq (I would not define them just motivated by hacktivism). Other events include a couple of 0-day vulnerabilities targeting popular e-mail services and affecting potentially million of users.
Last but not least, April has brought a new cyber attack to Iran crude oil industry, despite, so far, there are no clear evidences of a new Stuxnet-like Cyber Attack. This is not the only episode targeting Iran which also suffered 3 million of banks accounts compromised.
For the chronicle I decided to insert in the timeline also the breach to the game publisher Cryptic Studios. Although it happened in 2010 (sic) it was discovered only few days ago…
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
May 2012 Cyber Attacks Timeline (Part II)
As usual, here it is the second part of the Cyber Attacks Timeline for the month of May 2012: a month particularly rich of Cyber Events. As you will probably know, the Flame malware has monopolized the attention, deserving the most attention from the Information Security Professional.
Nevertheless the scene has offered many interesting events, among which it worths to mention the breach of 123,000 federal employees records, the breach affecting University of Nebraska, and, last but not least, the breach against WHCMS (which, as we will soon see, has proved to be fatal for its author).
The hacktivist front is still hot and preannounces another hot summer. On the other hand the authors of several remarkable cyber-criminal actions are probably going to leave the scene: the long trail of arrests made by Law Enforcement Agencies against hackers has continued in this month and has hence led to the arrest of Cosmo, the leader of the infamous group UGNazi, which claimed to be the author of the Cyber Attack against WHCMS.
In your opinion are the arrests against hackers really going to stop the growing number of Cyber Attacks (acting as a deterrent)?
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
After the jump you find all the references, and at this link the first part covering 1-15 May.
June 2012 Cyber Attacks Timeline (Part I)
Update 07/05/2012: June 2012 Cyber Attacks Timeline (Part II)
A (first half of the) month living dangerously…
June has come and strongly confirms that Summer is the preferred month for Cybercrookers: just look back at June 2011 and you will probably remember the days of Lulz of the infamous LulzSec Collective (which curiously seems to be reborn!).
June 2012 has shown a remarkable number of incidents and is proving to be a mensis horribilis (horrible month) for Social Networks and Online Services in general, due to the high profile breaches of LinkedIn, Last.Fm, eHarmony and the online game League of Legends.
On a geographic scale, looks like China is becoming another important source of Cyber incidents, having been targeted from #TeamGhostShell, who claim, inside their #ProjectDragonFly, to have obtained up to 800,000 accounts from different sources.
Hacktivism-led actions seem (apparently) to decline, whilst, on the Cyber Crime front, a new collective, UGNazi, is taking the scene, having confirmed, in the first part of June, the wake of cyber attacks, we have become familiar with for some time.
Another Infosec Summer promising to be very hot!
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timeline.
August 2012 Cyber Attacks Timeline (Part I)
The first half of August has seen a revamping of Hacktivism, encouraged by the takedown of the famous Torrent Tracker Demonoid (and the consequent OpDemonoid targeting most of all Ukrainian sites), but also encouraged by OpAustralia, the wave of attacks against Australian Web Sites carried on against the Australian Internet Surveillance Law (apparently the latter operation was successful since the controversial law has been put on standby).
But Hacktivism was not the only “trend topic” for this period. The Middle East continues to be the cradle for unexpected cyber weapons threats. In August, two new occurrences of allegedly state sponsored malware: Gauss, a cyber-espionage tool targeting bank transaction, and Shamoon , a destructive malware targeting energy companies.
These are probably the most remarkable Cyber Events of this period, which has also seen a purported giant breach targeting Pearl.fr, a French e-commerce website whose 729,000 accounts, together with over 1 million bank transaction details, have been subtracted by hackers.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
16-31 December 2012 Cyber Attacks Timeline
The year is gone, and here it is the last Cyber Attack Timeline for 2012 (first part here).
The most important cyber-events of this second part of December can be considered: the third phase of the operation Ababil carried on by the Izz ad-Din al-Qassam Cyber Fighters against U.S. Banks, the attacks of the Anonymous collective against the Westboro Baptist Church, and, last but not least the Cyberwar echoes coming from Iran.
The wave of DDoS attacks carried on by the Izz ad-Din al-Qassam Cyber Fighters has taken down Six U.S. Banks under the fists of DDoS attacks apparently unstoppable. Instead the Anonymous seem to have changed tactic in their personal fight against the Westboro Baptist Church, they did not limit to DDoS the church’s website, but also performed a couple of Twitter account takeover against some key persons (with the collaboration of UGNazi members).
Instead, on the Cyberwar front, Iran confirms to be a danger zone, with some reports of a new Wiper and a simil-Stuxnet malware (even if this second news has been downplayed in a second moment.
Other noticeable news include an alleged breach to Yahoo!, a massive breach against a Chinese HP domain and a strange, controversial breach against Verizon FiOS (with data apparently leaked six months ago).
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.
1-15 April 2013 Cyber Attacks Timeline
I know, I am a little late this month. We have just entered May and I was able to publish the first part of the Timeline of April. I will try to maintain the usual rhythm and to be more punctual for the next releases.
Anyway, the first part of April has offered many interesting port with several large scale attacks and massive breaches. The first category includes the Darkleech malware against Apache, and the gigantic brute-force attack against WordPress. The second category includes the attacks against two primary Japanese portals, the FPS War Z, Scribd, Linode, and, most of all Schnucks Markets, targeting potentially 2.4 million users.
But not only Cyber Crime in this month, even the hacktivists were quite active with their OpIsrael 2 (and its controversial damage report), the wake of attacks against North Korean web sites, and even the sixth week of DDoS attacks against the U.S. Banks carried on under the so-called Operation Ababil.
Hard times for System Administrators!
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
(more…)