1-15 February 2015 Cyber Attacks Timeline

I was delivering to Anthem the very unwelcome prize for the first massive breach of 2015, when the Operation Carbanak has brought an unexpected tail to this first half of February.

These two events have undoubtedly characterized this timeline and overshadowed all the others: on one hand, a massive cyber attack (allegedly carried on by Chinese hackers) targeting one of the largest US ensurers, able to scoop up 80 million records. On the other hand, a sophisticated long lasting campaign, stealing more than $300 million on 100 banks in 30 nations.

It is very hard to choose which one deserves the (not so) coveted prize, in any case a consideration is worth: there could not have been a worst way to begin this 2015 Infosec year.

Moving on along the timeline, other interesting events appear, such as the compromising of the Forbes web site (again Flash is on the spot) by a Chinese APT Group dubbed Codoso, a “mobile tail” of the Operation Pawn Storm, now spreading to iOS devices, and eventually an unprecedented campaign targeting Syrian rebels using a combination of fake social media and Skype accounts associated with fictional female characters.

In background, as usual, multiple events driven by hacktivism, whose most remarkable one is undoubtedly the massive campaign carried on by the Anonymous collective, aimed to erase hundreds of pro-ISIS accounts and profiles from the Cyber Space (in particular from Facebook and Twitter).

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).1-15-feb-2015-cyber-attacks-timeline

(more…)

Continue Reading1-15 February 2015 Cyber Attacks Timeline

16-28 February 2015 Cyber Attacks Timeline

It’s time for the second timeline of February (first timeline here) covering the main cyber attacks occurred between 16 and 28 February 2015 (including also several few attacks that actually happened in the first 15 days).

With only 13 days available, this is normally the timeline with less activity. Not this year actually, since despite the shorter period, the number of reported attacks is undoubtedly remarkable.

If you look at the targeted attacks, you’ll be spoiled for choice: several remarkable operations (The Equation Group setting new standards in term of sophistication, Operation Rapid Viper against Israel and Operation Desert Falcons against several companies and individuals in Middle East), and a cyber attack, purportedly originating from China against the Dutch Chip Manufacturer ASML.

Even looking at Cyber Crime, you’ll be spoiled for choice as well. The Lizard Squad is back with an original retaliation against Lenovo, in the wake of the Superfish affair: they hacked the registrar that procured the Lenovo address, using that illegitimate access to hijack, shortly after, the lenovo.com domain. Other remarkable events include the admission of a breach by TalkTalk, involving potentially 4 million customers, a breach to Uber, putting at risk 50,000 past and present drivers, and other two cases of Bitcoin Exchange sites hacked (in particular Canada based Cavirtex is forced to shut down, whereas the losses for the Chinese Bter amount to $1.75 million.

Last but not least, nothing particular meaningful to mention for what concerns hacktivism: several sparse operation with no significant impact.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-28 Feb 2015 Cyber Attacks Timelines (more…)

Continue Reading16-28 February 2015 Cyber Attacks Timeline

1-16 February 2013 Cyber Attacks Timeline

Here is the summary of the Cyber Attacks Timeline for February. A month that will probably be remembered for the “sophisticated” cyber attacks to the two main social networks: Facebook and Twitter.

But the attacks against the two major social networks were not the only remarkable events of this period. Other governmental and industrial high-profile targets have fallen under the blows of (state-sponsored) cyber criminals: the list of the governmental targets is led by the U.S. Department of Energy and the Japan Ministry of Foreign Affairs, while Bit9, a primary security firm, was also targeted, leading the chart of Industrial targets.

Hacktivists have raised the bar and breached the Federal Reserve, leaking the details of 4,000 U.S. Banks executives. Similarly, the Bush family was also targeted, suffering the leak of private emails.

Even if the list is not as long as the one of January, it includes other important targets, so, scroll it down to have an idea of how fragile our data are inside the cyberspace. Also have a look at the timelines of the main Cyber Attacks in 2011, 20122013, and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.1-16-february-2013-cyber-attacks-timeline1

(more…)

Continue Reading1-16 February 2013 Cyber Attacks Timeline