1-15 March 2015 Cyber Attacks Timeline

Spring is at the door, and finally the endless winter is coming to an end. I am just wondering if the crooks are starting to enjoy the first rays of sun, given the relatively low level of attacks in the first half of March.

Effectively, for the first time since several months, no massive breaches have been recorded. But don’t get carried away: the second half of March has begun in the worst possible way with the gigantic breach suffered by Premera (definitely a deja vu).

In any case, during the first half of the month, there have been several remarkable attacks driven by criminal intentions, however none of them has achieved the levels we have been used to in the previous months (not for long unfortunately).

Shifting to hacktivism, the Pro-Palestinian collective Anonghost was back in action, and even the Anonymous were back from stealth mode. However the most active actors have been the pro-isis hackers, who have defaced hundreds of Western sites, forcing the FBI to investigate these incidents. It is impossible to count all the victims, so just a special mention for them.

The Cyber Espionage has maybe offered the most peculiar attack, consisting in the hijacking of the internet traffic for 167 important British Telecom customers (including a UK defense contractor) towards Ukraine, before reaching their final destination. Even if the key question probably remains unsolved: was this a gigantic routing blunder or a very large scale attack?

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).1-15 Mar 2015 Cyber Attacks Timeline

(more…)

Continue Reading1-15 March 2015 Cyber Attacks Timeline

16-31 March 2015 Cyber Attacks Timeline

I am back in business after a short vacation period (now and then it happens!), just in time to publish the second Cyber Attack timeline of March (the first one is here), which confirms the growing trend we have been experiencing in 2015.

Two weeks packed with events, started in the worst possible way, with the massive cyber attack against Premera Blue Cross (11 million customers affected), and continued with the same baffling trend, since the list of organizations targeted by massive breaches, includes other primary companies such as British Airways, Slack and Twitch (an Amazon-owned game video streaming service).

Two weeks that also saw a sustained DDoS attack against GitHub, the discovery of several campaigns (Operation Woolen-Goldfish, the Trojan.Loziak malware targeting oil and gas companies, and the Volatile Cedar campaign originating in Lebanon), and also an official statement issued by the South Korean government, blaming North Korea for the network intrusions that stole data from Korea Hydro and Nuclear Power (KHNP).

In background, the usual sea of smaller events driven by hacktivism or cybercrime.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Mar 2015 Cyber Attacks Timelines (more…)

Continue Reading16-31 March 2015 Cyber Attacks Timeline

16-30 April 2015 Cyber Attacks Timeline

It’ s time to publish the timeline with the main cyber attacks occurred in April 2015 (Part I here).

Despite the number of attacks has shown a decreasing trend, this second part of April will be probably remembered for the Cyber Espionage campaigns, which, in a couple of cases, have successfully hit the White House, a coveted target for Russian hackers. Other remarkable events in this space include the return of APT 28 (Operation Russian Doll) and an operation carried on by Arabic-speaking attackers, targeting Israeli military networks.

The cyber crime landscape was dominated by the international scam against Ryanair, hit by a fraudulent electronic transaction costing $5 million. Tesla was also the target of an account hijacking, an attack maybe more important from a symbolic point of view rather than for the real effect.

Moving to hacktivism, the chronicles do not report particularly meaningful events. A couple of actions carried on by the Anonymous (against sites related with animal abuse, and against an Israeli weapon accessories manufacturer) and several few other events of minor importance.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 Apr 2015 Cyber Attacks Timeline (more…)

Continue Reading16-30 April 2015 Cyber Attacks Timeline

1-15 May 2015 Cyber Attacks Timeline

It’s time for the first timeline of May, reporting the main cyber attacks occurred between 1 and 15 May 2015.

The Summer is at the gates, but apparently the nice weather is not stopping the attackers from their intentions: I have recorded 52 attacks, a dramatic turnaround in comparison with April, and a strong indication that the slowing trend of the past couple of months has suffered a sudden stop.

All the three main categories (Cyber Crime, Hacktivism and Cyber Espionage) have reported a surge in the number of attacks, and not only in terms of number.

Hacktivism has been characterized by the unwelcome return of the Syrian Electronic Army, who has hacked (again) the Washington Post, and by several operations carried on by the Anonymous collective (with a wide range of targets, spanning from Expo 2015 to the World Trade Organization).

Cyber Crime has been characterized by the publication on the Dark Web of the whole database of mSpy (a mobile spyware Firm) putting at risk potentially 400,000 users, an action that has overshadowed all the other events.

Even the Cyber Espionage landscape appears quite worrisome. I have counted on 4 operations, and of course I could not help but include the attack against the Penn State’s College of Engineering (two cyber intrusions allegedly originating from China, which potentially exposed 18,000 users) and also a “sophisticated attack” against the German Parliament.

As usual, keep the level of attention high, and if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2015 Cyber Attacks Timeline

(more…)

Continue Reading1-15 May 2015 Cyber Attacks Timeline

1-15 June 2015 Cyber Attacks Timeline

I know you were losing all your hopes… Don’t panic! Even if with a little delay, here we go with the 1-15 June Cyber Attacks timeline.

This first half of June has been quite troubled from an infosec standpoint, with a couple of events that overshadowed all the rest and that will be probably remembered for a long time (and who can tell how long the consequences will last), I am obviously talking about the breach(es) suffered by the Office Of Personnel Management and the cyber attack executed against Kaspersky using a revamped version of Duqu dubbed Duqu 2.0.

Other interesting events of the month include the breach suffered by Lastpass, the return of the Syrian Electronic Army, who have defaced the official website of the US Army, and even a targeted attack against the Japan’s Petroleum Association for which few information is available.

As usual, keep the level of attention high, and if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2015 Cyber Attacks Timeline (more…)

Continue Reading1-15 June 2015 Cyber Attacks Timeline