16-31 August 2014 Cyber Attacks Timeline

August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month (first part here).

This period will be probably remembered for the massive cyber attack against Community Health Systems (4.5 million records compromised), the wave of coordinated attacks targeting JPMorgan Chase and at least four other US banks, the malware targeting 51 franchised stores of UPS, and, last but not least, the mother of all breaches in Korea (220 million records containing personal information 0f 27 million people). Another noticeable event was also the coordinated DDoS attacks against Sony Entertainment Network, Xbox Live and other online gaming services.

For what concerns cyber espionage, chronicles report, among other things, the massive coordinated cyber attack against 50 Norwegian oil and energy companies, the discovery of three cyber attacks (within the past three years) against the Nuclear Regulatory Commission, and the theft of classified information from the Malaysian agencies involved in the MH370 investigation.

Instead, nothing particularly meaningful has been reported for hacktivism: many sparse actions (mostly against direct or indirect interests of Israel) of limited impact and hence without particular consequences.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).16-31-august-2014-cyber-attacks-timeline-v2

(more…)

Continue Reading16-31 August 2014 Cyber Attacks Timeline

Fortune 500 Cyber Attacks Timeline

For the Infosec professionals, this troubled 2014 will be remembered for the trail of gigantic breaches unleashed nearly exactly one year ago, when the real outcome of the infamous Target breach became to emerge. The real extent of the breach was yet to be known, like also the fact that it would not have been an isolated case, but just the beginning of a nightmare.

However this is not the only example of a Fortune 500 company deeply hit, and thanks to a very smart hint by @bufferzone, I took the opportunity to collect in this timeline all the main cyber incidents involving Fortune 500 and Fortune 500 Global companies since 2011 to nowadays.

The adopted selection criteria take into considerations only incidents involving a direct impact on end users, so defacements have not been taken into consideration.

Fortune 500 Global companies are characterized by a blank value in the Rank column, whereas Fortune 500 companies are characterized by a red value. Also, when possible I inserted both values if the targeted company belongs to both charts and, in those cases in which a subsidiary company has been targeted, I have obviously inserted the rank of the parent company.

Fortune 500 Cyber Attacks TImeline (more…)

Continue ReadingFortune 500 Cyber Attacks Timeline