Timeline of Cyber Attacks in Conjunction with the Pakistan and India Independence Days

As I previously mentioned in the 1-15 August Cyber Attack Timeline, I decided to build a dedicated timeline for the Cyber Attacks between India an Pakistan happened during the month of August as they reached an unusual peak in conjunction with the occurrence of the Independence Days in Pakistan (14 August), and India (15 August).

Actually the relationships between the two countries are not what I would define idyllic, and to confirm this scenario, a huge cyber espionage operation against BSNL the Indian state-owned Telco company, has recently surfaced. In any case, easily predictable, hackers of both sides contributed to add further fuel to the fire with an unusual peak of attacks concentrated around the dates of the Independence Days. These attacks have not the sophistication typical of state-sponsored operations, since are mainly “limited” to defacements (so the damage is more symbolic than practical). However, in several cases the targets are of very high profile (as in the case of the Facebook pages of the Pakistan Army).

A short (probably non-exhaustive) summary follows:

India Pakistan TL

Also notice that during the same Period Pakistan was targeted by an unprecedented wave of Cyber Attacks by Afghan Hackers.

Pakistan Afghanistan

This is indeed quite curious since the attacks came nearly in contemporary of the first football match between the two countries in Kabul after 36 years (and the first home match of the Afghanistan national team after 10 years). For the chronicle, in the real world, Afghanistan’s footballers have won 3-0 over Pakistan.

(more…)

Continue ReadingTimeline of Cyber Attacks in Conjunction with the Pakistan and India Independence Days

1-15 October 2013 Cyber Attacks Timeline

It’s time to review the list of the main cyber attacks happened during the first half of October.

Of course there are few doubts: the breach involving Adobe (compromising the details of 3 million customers and the source code of two products) is for sure the most remarkable event of the month (and probably of the year), and its consequences will likely affect the Infosec landscape for long. In addition it overshadowed all the other events occurred so it is quite hard to summarize the threat landscape of the first 15 days of October.

In a nutshell, these two weeks have brought an unprecedented number of DNS Hijackings and several considerable breaches (however not comparable in size and impact with the one affecting Adobe). At first glance, looks like the number of attacks motivated by Cyber Crime is constantly increasing and leaving behind Hacktivism.

Last but not least, curiously, for this couple of weeks, I did not find any remarkable operations motivated by Cyber Espionage.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 October 2013 Cyber Attacks Timeline

(more…)

Continue Reading1-15 October 2013 Cyber Attacks Timeline

16-31 June 2014 Cyber Attacks Timeline

I do not know if being happy or not, but it looks like the second half of June (the first timeline covering 1-15 June is here) has seen a sharp inversion of the decreasing trend recorded on the last few months. I have registered an increase of the number of attacks with particular focus on targeted attacks.

The cyber crime front offered several noticeable events, targeting, just to mention the most devastating cases: AT&T, Evernote, the State of Montana (1.3 million single individuals potentially affected), and Butler University.

Moving to hacktivism, the cyber temperature is still high in Brazil, where the hacktivists concentrated their unwelcome attentions. Other points of interest involve Pakistan, and US.

Last but not least, this period recorded an unusual number of targeted attacks spotted in the news. The list includes (but is not limited to): the British Government Secure Intranet, an US Hedge Fund, Vietnamese Ministry of Natural Resources and Environment, ICS vendors in US and Europe and a Government Agency in Taiwan.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 June 2014 Cyber Attacks Timeline rev2

(more…)

Continue Reading16-31 June 2014 Cyber Attacks Timeline

16-31 July 2014 Cyber Attacks Timeline

July is gone and hence it’s time, as usual, to summarize the main cyber events happened in the second half of this month (Part I here).

For a strange coincidence this month has shown an unusual number of breaches dating back to several years ago (2010-2012) and reported only now: Catch of The Day, Think W3 Limited, Paddy Power and Lasko are the organizations affected.

Looking quickly at Cyber Crime, these two weeks have brought the breach to The Wall Street Journal (by W0rm the same author of the breach to CNET), the disclosure of a failed attempt to disrupt the Nasdaq in 2010, a breach to the website of the European Central Bank, an extensive attack aimed to compromise the Tor Infrastructure, and, last bunt not least, the DHS advisory related to Backokff, a PoS Malware already compromising 600 organizations throughout the U.S.

Moving to Cyber Espionage, this period will be remembered for the Canadian allegations against China, related to a cyber attack against The National Research Council and the possible compromising three Israeli defense contractors responsible for building the “Iron Dome” missile shield program.

Israel was even under the radar of the Hacktivists, who concentrated there their efforts in support of the #OpSaveGaza operation.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 July 2014 Cyber Attacks Timeline (more…)

Continue Reading16-31 July 2014 Cyber Attacks Timeline