It's time to publish the second timeline of February covering the main cyber attacks occurred in the second half of this month. Despite the 29 days, I have collected a total of 97 events, including 6 falling in previous that slipped away from the first timeline. Definitely a sharp increase compared with the previous ones. Ransomware continues...
The #OpMegaupload and its subsequent Cyber Attacks all over the world, are diverging the attention from what is happening in the Middle East where the Cyber Conflict between Arab and Israeli Hackers is proceeding at an apparently unstoppable pace which forced me to post an update for the events occurred in the last week.
The rapid escalation of personal information leaks which characterized in the first two weeks of January has slightly changed shape, being replaced in the third week by Defacements and DDoS campaigns (targeting also the web sites of two Israeli Hospitals, as to say that a Cyber Geneva Convention is needed). Other dumps has also occurred, but not of the same scale as the first two weeks of January.
Besides the mutual DDoS and defacements to each other web sites, so far a quick calculation shows that since the beginning of this cyber war Arab Hackers have dumped more than 410,000 Credit Cards and 170,000 accounts, while the Israeli Counterparts have published approximately 11,000 Credit Cards, details of 140,000 individuals and 105,000 emails. Even if these data have to be taken with attention since many records have proven to be duplicated or fake, one consideration is clear: even Cyber Wars have their digital casualties.
The worst is yet to come?
After some mutual attacks in terms of DDoS and defacements (with a new entry from Morocco and a resounding defacement against the Tel Aviv University Security Studies Program website, the head of the National Cyber Defense Authority), this week has seen the revamping of Credit Cards leaks “thanks” to Zcompany Hacker crew, who dumped more than 200 Credit Cards belonging to Israel And United States.
Even considering this latter event, however, the timeline seems to have confirmed the descending trend, with the early actors of both parties apparently quiet inside their virtual shelters (maybe to elaborate new strategies). But in this apparently calm sky a new thunderstorm threatens the horizon: it is the Anonymous which posted a message promising a reign of terror for Israel…
If you have a look to the Middle East nations involved in the cyber conflict which made attacks or suffered attacks (depicted in the map below that does not include U.S. victim of the latest Credit Card leak and France whose Council of Jewish Institutions was hacked earlier in June), you may easily notice that the virtual geopolitics reflect nearly exactly the real ones (the dotted arrow from Iran indicates the uncertainty of the nationality of OxOmar) with the new entry of Pakistani ZHC.
I do not know if being happy or not, but it looks like the second half of June (the first timeline covering 1-15 June is here) has seen a sharp inversion of the decreasing trend recorded on the last few months. I have registered an increase of the number of attacks with particular focus on targeted attacks.
The cyber crime front offered several noticeable events, targeting, just to mention the most devastating cases: AT&T, Evernote, the State of Montana (1.3 million single individuals potentially affected), and Butler University.
Moving to hacktivism, the cyber temperature is still high in Brazil, where the hacktivists concentrated their unwelcome attentions. Other points of interest involve Pakistan, and US.
Last but not least, this period recorded an unusual number of targeted attacks spotted in the news. The list includes (but is not limited to): the British Government Secure Intranet, an US Hedge Fund, Vietnamese Ministry of Natural Resources and Environment, ICS vendors in US and Europe and a Government Agency in Taiwan.
As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
It’s time for the first cyber attacks timeline of July reporting the main cyber events happened (or discovered) during the first half of the month.
In a short summary: if even the number of recorded attacks remains moderate, the most important events of this period are related to Cyber Espionage: eight sophisticated campaigns have been discovered, a number remarkably high for this category.
On the cyber crime front, the most important event of this period is undoubtedly the massive attacks against Boleto, the Brazilian payment system ($ 3.5 billion is the amount of money stolen by the criminals), but also the purported leak of CNET’s database (subsequently offered on sale by the criminals at the symbolic price of 1 Bitcoin) deserves a special mention. Also the African continent is on the spot with the discovery of a repeated fraud against a couple of Nigerian banks.
Nothing particularly remarkable by hacktivists, with the partial exception of the Syrian Electronic Army, back with the Specialty of the House (the account hijacking, this time against the official Twitter account of the Israel Defence Force). The hacktivistic landscape also offered some attacks against Israel, related to the events in Gaza. Nothing particularly relevant so far, but everything suggests that the number of these attacks will dramatically increase in the next timeline.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
