1-15 December 2012 Cyber Attacks Timeline

Christmas is coming quickly, we have just passed the first half of December, and hence it’s time for the first update of the Cyber Attacks Timeline for December.

The Team GhostShell has decided to close the year with a clamorous Cyber Attack, and hence,as part of the project ProjectWhiteFox, has leaked 1.6 million of accounts from several organizations all over the world. This is the most important event for this first part of the month that apparently has shown a decreasing trend. Hacktivists are still focusing their attention (and their keyboards) to Israel, and Cyber Criminals are maybe preparing for the Christmas attacks.

However, the main events of the first half of December, are related to hacktivism, besides the above mentioned cyber attack, it worth to mention the new wave of massive DDoS attacks against US Banks (up to 60 Gbps of peak according to Arbor Networks), but also the leak of a ITU document on the future of Deep Packet Inspection and the attacks in Egypt, Mexico and India.

Last but not least: this two weeks also offered a giant attack to the famous Social Platform Tumblr and also the warning of the Switzerland’s national security agency (NDB) that a huge amount of secrets may have been leaked by a disgruntled IT Administrator.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-15 December 2012 Cyber Attack Timeline (more…)

Continue Reading1-15 December 2012 Cyber Attacks Timeline

16-31 December 2013 Cyber Attacks Timeline

Let’s give the welcome to this new infosec year with the first timeline of 2014 (or better the last of 2013) summarizing the main events occurred in the second half of December 2013.

With no doubt, this holiday season has been characterized by the Target breach, whose size is constantly growing (110 million the number of potential victims according to recent estimates). This massive incident has somehow shadowed another massive breached occurred in Turkey, were Russian hackers have allegedly been able to obtain 54 million citizens’ ID Data. With similar numbers, the 300.000 users potentially affected by the Cyber Attack involving Affinity Gaming appear risible.

Other considerable events include a Christmas Intrusion on a BBC server (with the author possibly selling the backdoor access on the underground) and yet another possible intrusion by Chinese hackers on a US target, specifically the Federal Election Commission.

Nothing particularly significant on the hacktivism front characterized by the consolidated “background noise” of events whose sizes are well far from the levels of the recent years.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December 2013 Cyber Attacks Timeline Update2 (more…)

Continue Reading16-31 December 2013 Cyber Attacks Timeline

1-15 December 2014 Cyber Attacks Timeline

It’s time for the first Cyber Attacks Timeline of December (and the last for 2014).

Of course the attention of the infosec professionals is still concentrated on the devastating cyber attack against Sony happened in November (and the world as we know it, won’t be the same again), nonetheless this first 15 days have shown some remarkable events, not least the news of a breach happened earlier this year to Sony (once again), which went unreported.

At least for once, let us start from hacktivism. The hacktivists seem to be back in action: the Anonymous have taken part, directly or indirectly to several operations motivated by the racial tensions in the US (DDoS attacks against Oakland and Ontario), the raids against the Pirate Bay (leaks of Governmental emails), and the protests against the new High Speed Train line connecting Turin and Lyon (the defacement of  Official website of the Rhône-Alpes region).

A different form of hacktivism (but the border with Cyber Warfare in this case is really blurred) hit Sands Casinos earlier this year. Bloomberg has revealed that an apparent innocuous defacement happened in February was actually the mark of a more devastating attack perpetrated by Iranian hackers, who were able to wipe out all the internal clients and servers.

The Cyber Crime landscape (again maybe it should be more correct to call it Cyber Warfare) is still dominated by the outcome of the Infamous attack to Sony. Other interesting events concern the attack to an unnamed steel industry in Germany, causing physical damages, yet another wave of DDoS attacks against Sony (again!) and XboX Live, and the alleged compromise of Ars Technica requiring the registered users to change their passwords.

Last but not least, the level of state-sponsored operations is always high: at least three of them deserve to be mentioned: Operation Cleaver (allegedly backed by Iran), the resurrection of the Red October Group (Cloud Atlas or Inception) and also the discovery that the ISIS is active also in the Cyber Space, targeting a group of Syrian activists.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2014 Cyber Attacks Timeline (more…)

Continue Reading1-15 December 2014 Cyber Attacks Timeline

16-31 December Cyber Attacks Timeline

Despite still related to December 2014, here is the first timeline for 2015 covering the main events occurred between the 16th and 31st December 2014 (first part here).

No doubt, this Christmas will be remembered for the unwelcome surprise of the DDoS attack performed by the infamous Lizard Squad against the online services of Sony and Microsoft. An attack that has shattered the dreams of many players, just few minutes after unwrapping their brand new consoles under the Christmas Tree. However, the light that burns twice as bright burns half as long, and inevitably two members of the collective have allegedly been arrested (not before having attempted a Sybil Attack against Tor).

But the latter was not the only attack targeting the Tor anonymity service in this period, which also suffered an unexplained outage affecting a cluster of Tor Directory Authority Servers in a Rotterdam data center.

Other noticeable events concern the outage of the Internet connection in North Korea (despite it is not completely clear if caused by a cyber attack or a fault), a malware detected in a South Korea power plant, the attacks targeting the ICANN and the ISC Consortium, two among the most important organizations for the Internet, and (yet another) breach targeting NVIDIA.

Moving to a different topic, all in all the hacktivists decided to enjoy the Christmas vacations with the exception of the Syrian Electronic Army who were back, and defaced an online magazine, the International Business Time, for an article against the Syrian regime.

Last but not least, with regard to  Cyber Espionage, there have been two operations discovered in this period: an alleged attack perpetrated by Chinese hackers against an Afghan CDN targeting directly many local governmental sites, and indirectly many foreign institutions, and also the discovery of the Anunak group, a well-organized crew able to steal USD $25 Million with a long lasting cyber espionage operation against targets in Europe and the US.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December 2014 Cyber Attacks Timeline (more…)

Continue Reading16-31 December Cyber Attacks Timeline