1-15 November 2013 Cyber Attacks Timeline

It’s time for the summary of the main cyber attacks occurred in the first half of November and reported on the news.

These fifteen days have been particularly troubled from an information security perspective, having left to the records several remarkable breaches: LoyaltyBuild, affecting potentially 1.12 million individuals, CorporateCarOnline.com (850,000 individuals), MacRumors (850,000 individuals) and, last but not least, vBulletin (860,000 users affected). A damage report which appears really devastating.

But even hacktivists have been particularly active: several operations have been carried on by the Anonymous all over the world (Italy, UK, Singapore, Japan, Philippines and Ukraine). One in particular (by Indonesian hacktivists against Australian targets) has apparently created a fracture inside the collective.

Last but not least, the chronicles report the latest hack of the Syrian Electronic Army against VICE and a new wave of attacks of Pakistani hackers against Indian targets.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).1-15 November 2013 Cyber Attacks Timeline

(more…)

Continue Reading1-15 November 2013 Cyber Attacks Timeline

16-31 December 2013 Cyber Attacks Timeline

Let’s give the welcome to this new infosec year with the first timeline of 2014 (or better the last of 2013) summarizing the main events occurred in the second half of December 2013.

With no doubt, this holiday season has been characterized by the Target breach, whose size is constantly growing (110 million the number of potential victims according to recent estimates). This massive incident has somehow shadowed another massive breached occurred in Turkey, were Russian hackers have allegedly been able to obtain 54 million citizens’ ID Data. With similar numbers, the 300.000 users potentially affected by the Cyber Attack involving Affinity Gaming appear risible.

Other considerable events include a Christmas Intrusion on a BBC server (with the author possibly selling the backdoor access on the underground) and yet another possible intrusion by Chinese hackers on a US target, specifically the Federal Election Commission.

Nothing particularly significant on the hacktivism front characterized by the consolidated “background noise” of events whose sizes are well far from the levels of the recent years.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December 2013 Cyber Attacks Timeline Update2 (more…)

Continue Reading16-31 December 2013 Cyber Attacks Timeline

1-15 January 2014 Cyber Attacks Timeline

It’s time for the Cyber Attacks Timeline for the first half of January 2014. I wish we had a better start for this Infosec year. Not even a month has passed (actually this timeline covers the first two weeks) and we have already seen several massive breaches (Snapchat) and other resounding events, maybe less relevant from a mere numeric perspective, but equally meaningful for the high profile of the victims involved (Microsoft).

Besides Snapchat, other important organizations have been targeted by Cyber crooks with very bad consequences: World Poker Tour (175,333), Staysure (93,000 individuals involved) and OpenSUSE (79,500 victims) are the most noticeable examples. On the cyber crime front other meaningful events include a wave of attacks against Video Games industries, and the hacking of Yahoo advertise network, infecting, potentially 27,000 users per hour.

Hacktivists of the Syrian Electronic Army are back with the result that even Microsoft is now part of the list of their victims (however their web site was also hacked in the same period). Other hacktivists very active in the same period include the infamous RedHack collective.

Last but not least, the control room of the Nuclear Plant of Monju in Japan was found infected with a malware capable of allegedly exfiltrate 42,000 emails.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Jan 2014 Cyber Attacks Timeline

(more…)

Continue Reading1-15 January 2014 Cyber Attacks Timeline

16-31 January 2014 Cyber Attacks Timeline

Even if with several days of delay, it is time for the second Cyber Attacks Timeline of June January 2014 (Part I here).

Unfortunately the trail of massive breaches has continued even in the second half of the month with the two remarkable events of the 16 million of records scraped by a German botnet and also the discovery of the ChewBacca malware by RSA. Cyber Crime Chronicles also report a global password reset issued by Yahoo! after the discovery of a coordinated effort to compromise accounts.

Cyber Espionage Chronicles report of an attempted malware attack against the Electronic Frontier Foundation, the Israeli Defense Ministry and, most of all, the discovery of an operation allegedly orchestrated by Russian hackers against Western energy interests.

Looking at the attacks motivated by Hacktivism, the Syrian Electronic Army were behind the most noticeable events.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Jan 2014 Cyber Attacks Timeline

(more…)

Continue Reading16-31 January 2014 Cyber Attacks Timeline

1-15 February 2014 Cyber Attacks Timeline

And here we are with the timelines of the main Cyber Attacks happened during the first half of February.

It is very hard to summarize these days from an Infosec perspective, considering the noticeable number of massive breaches: Kickstarter (potentially 5.6 million of records affected), Forbes (1 million records leaked), Orange (800,000 users impacted) and St. Joseph Health System (400,000 users affected) are the main examples, but they must not overshadow other ‘minor’ events such as the the attack against Bell.ca (‘only’ 40,000 users affected).

15 days in which Cybercrime and Hacktivism dangerously overlapped, ‘thanks’ mainly to the infamous Syrian Electronic Army, author of the hack against Forbes but also of several account hijacking attacks that have become their unique fingerprint, but also ‘thanks’ to the RedHack collective who, once again, targeted (directly or indirectly) the Turkish Government with three noticeable attacks.

Last but not least, the Cyber Espionage: the first half of February has brought us the discovery of “The Mask” (AKA Careto), a massive Operation targeting 31 countries around the world, but also the revelation of an alleged attack carried on by Huawei against the Indian provider BSNL and a further purported Chinese attack against some bio-medic industries in the U.S.

Finally, the Cyber War between India and Pakistan deserves a special mention, despite only defacements have been reported, the end of the fight is far from being reached.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Feb 2014 Cyber Attacks Timelines (more…)

Continue Reading1-15 February 2014 Cyber Attacks Timeline

16-31 March 2014 Cyber Attacks Timeline

And here we are with the second part of the Cyber Attacks Timeline (first part here).

The prize for the most noticeable breach of the month goes in Korea, where a 31-year-old man has been arrested for infiltrating the account of 25 million users of Never, a local Internet Portal (actually it happened several months ago but was unveiled in this month). Other noticeable events include the trail of attacks against several Universities (Maryland, Auburn, Purdue, Wisconsin-Parkside), the compromising of personal information of 550,000 employees and users of Spec’s, the leak of 158,000 forum users of Boxee.tv and 95,000 users of Cerberus and, finally, a breach targeting the California Department of Motor Vehicles. Last but not least, even the infamous Operation Windigo has deserved a mention in the timeline.

Moving to Hacktivism, chronicles report of a couple of hijackings performed, as usual, by the Syrian Electronic Army, a couple of operations carried on by the Russian Cyber Command and a (probably fake) attack by someone in disguise of Anonymous Ukraine, claiming to to have leaked 7 million Russian Credit Cards. Probably a recycle of old leaks.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Mar 2014 Cyber Attacks Timelines (more…)

Continue Reading16-31 March 2014 Cyber Attacks Timeline

16-30 April 2014 Cyber Attacks Timeline

It’s time for the report of the cyber activity in April. As usual this post summarizes the main events between 16 and 30 April, whereas the first part covering the attacks between 1 and 15 April 2014 can be found here (ok, actually there’s one attack I had to include in this timeline, dated 10 April).

Apparently this second half has shown a decreasing trend (who knows, maybe the Easter has brought good intentions), nonetheless there have been some noticeable events such as the breach to AOL Mail affecting potentially 50 million users, the breach to Eircom and the interesting trend of attacks against educational institutions (Universities of Virginia, Iowa, North Carolina Wilmington).

In this general decreasing trend, even the attacks motivated by hacktivism have shown a consistent reduction in volume and impact (the Syrian Electronic Army has admitted to be in vacation).

Nothing else of particularly significant to mention but the continual cyber skirmishes between India and Pakistan. Although interesting from an analytic  perspective, the attacks were ‘limited’ to defacements, and hence the overall impact was modest.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 Apr 2014 Cyber Attacks Timelines (more…)

Continue Reading16-30 April 2014 Cyber Attacks Timeline

1-15 May 2014 Cyber Attacks Timeline

Here we have with the list of the most significant Cyber Attacks happened in the first half of April (according to my very own point of view).

There are few doubts about the fact that Orange is the winner of the unwelcome prize for the most noticeable breach after the theft of the information of 1.3 million users.

Other interesting events related to Cyber Crime include the breach of Bitly, the famous URL shortening service and a new heist against a virtual currency wallet (this time the victim is Doge Vault, one of the most popular online repositories for the cryptocurrency Dogecoin).

Moving to Cyber Espionage, this month reports two interesting events, the theft of Data related to the Ukraine crisis from the Belgian Foreign Ministry, and the discovery of Operation Saffron Rose, a long-term campaign against western defense contractor carried on by a team of Iranian hackers dubbed Ajax Security Team.

Last but not least, among the hacktivists, chronicles report of  a new action of the infamous Syrian Electronic Army (against four accounts of The Wall Street journal) and the usual skirmishes between Pakistani and Indian hackers (but is questionable in my opinion to determine if those events can be classified as part of a harmless cyber war or are rather mutual actions between hactivists acting on opposite sides).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2014 Cyber Attacks Timelines (more…)

Continue Reading1-15 May 2014 Cyber Attacks Timeline

16-30 November 2014 Cyber Attacks Timeline

The Cyber Monday has just gone, and here we are with the second Cyber Attacks Timeline of November (Part I here).

Even if no massive breaches against retailers have been discovered so far (however do not get carried away since they will probably need several weeks to surface!), this month equally shows some remarkable events for Cyber Crime, Hacktivism and Cyber Espionage.

Actually I just really did not know where to begin, since each sector shows at least one noticeable events. However, after scrolling down the list, I believe that the crown of the month is all for the powerful Regin, the brand new cyber weapon discovered by Symantec. If you believed that the complexity of Stuxnet, Flame and Duqu was a closed page, you will have to change your mind.

This event has overshadowed the massive attack against Sony Pictures Entertainment, allegedly traced to North Korea, in the wake of the release of the comedy “The Interview”, which has been deemed discriminatory against the country and inciting to terrorism. This attack, which has more then one similarity with the infamous Dark Seoul, has completely blocked the Sony internal IT network and is making happy many individuals worldwide, since several Gigabytes of unreleased material are being leaked in these hours.

Last but not least the hacktivists are back! Not only the Syrian Electronic Army has exited stealth mode, with an attack to Gigya, an identity management platform, which has affected many illustrious victims worldwide, but also the Anonymous have been the authors of several attacks, just like the good old days, in the wake of the controversial decision of the Ferguson grand jury decision.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 November 2014 Cyber Attacks Timeline (more…)

Continue Reading16-30 November 2014 Cyber Attacks Timeline

1-15 December 2014 Cyber Attacks Timeline

It’s time for the first Cyber Attacks Timeline of December (and the last for 2014).

Of course the attention of the infosec professionals is still concentrated on the devastating cyber attack against Sony happened in November (and the world as we know it, won’t be the same again), nonetheless this first 15 days have shown some remarkable events, not least the news of a breach happened earlier this year to Sony (once again), which went unreported.

At least for once, let us start from hacktivism. The hacktivists seem to be back in action: the Anonymous have taken part, directly or indirectly to several operations motivated by the racial tensions in the US (DDoS attacks against Oakland and Ontario), the raids against the Pirate Bay (leaks of Governmental emails), and the protests against the new High Speed Train line connecting Turin and Lyon (the defacement of  Official website of the Rhône-Alpes region).

A different form of hacktivism (but the border with Cyber Warfare in this case is really blurred) hit Sands Casinos earlier this year. Bloomberg has revealed that an apparent innocuous defacement happened in February was actually the mark of a more devastating attack perpetrated by Iranian hackers, who were able to wipe out all the internal clients and servers.

The Cyber Crime landscape (again maybe it should be more correct to call it Cyber Warfare) is still dominated by the outcome of the Infamous attack to Sony. Other interesting events concern the attack to an unnamed steel industry in Germany, causing physical damages, yet another wave of DDoS attacks against Sony (again!) and XboX Live, and the alleged compromise of Ars Technica requiring the registered users to change their passwords.

Last but not least, the level of state-sponsored operations is always high: at least three of them deserve to be mentioned: Operation Cleaver (allegedly backed by Iran), the resurrection of the Red October Group (Cloud Atlas or Inception) and also the discovery that the ISIS is active also in the Cyber Space, targeting a group of Syrian activists.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2014 Cyber Attacks Timeline (more…)

Continue Reading1-15 December 2014 Cyber Attacks Timeline