15-31 May 2013 Cyber Attacks Timeline

And here we are with the second part of the Cyber Attacks Timeline for May (first part here).

The second half of the month has shown an unusual activity with several high-profile breaches motivated by Cyber-Crime or Hacktivism, but also with the disclosure of massive Cyber-Espionage operations.

The unwelcome prize for the “Breach of the Month” is for Yahoo! Japan, that suffered the possible compromising of 22 million users (but in general this was an hard month for the Far East considering that also Groupon Taiwan suffered an illegitimate attempt to access the data of its 4.1 million of customers).

On the cyber-espionage front, the leading role is for the Chinese cyber army, accused of compromising the secret plans of advanced weapons systems from the U.S. and the secret plans for the new headquarter of the Australian Security Intelligence Organization.

On the Hacktivism front, this month has been particularly troubled for the South African Police, whose web site has been hacked with the compromising of 16,000 individuals, including 15,700 whistle-bowlers.

Other noticeable events include the unauthorized access against the well known open source CMS Drupal (causing the reset of 1 million of passwords), the trail of hijacked Twitter accounts by the Syrian Electronic Army and also an unprecedented wave of attacks against targets belonging to Automotive.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).may-2013-cyber-attacks-timeline-part-ii1

(more…)

Continue Reading15-31 May 2013 Cyber Attacks Timeline

1-15 May 2013 Cyber Attacks Timeline

And here we are with our bi-weekly review of the main cyber attacks. This time is the turn of the first half of May.

Probably this month will be remembered for the huge cyber-heist against two Payment Processors, and affecting two banks (National Bank of Ras Al-Khaimah PSC in the United Arab Emirates and the Bank of Muscat in Oman), which suffered a massive loss of $45 million due to an endless wave of unlimited withdrawals from their ATMs.

Other relevant actions related to Cyber-criminal operations include the massive breaches against MSI Taiwan (50,000 records affected) and most of all, the Washington state Administrative Office of the Courts (up to 160,000 SSN and 1 million driver’s license numbers).

On the other hand, the hacktivists concentrated their efforts on the so-called OpUSA (7 May), even if it looks like that most of the attacks were nuisance-level. Instead, and this is a great news, after months of intense activity, the operation Ababil come to a stop.

On the cyber war front, this month reports an unedited conflict between Taiwan and Philippines.

Last but not least, even if this attack dates back to 2007, on the Cyber-Espionage front, Bloomberg has shaken this lazy month revealing the repeated attacks by the infamous Comment Crew hackers against Qinetiq, a very critical Defense contractor. The cyber threats from the Red Dragon (real or alleged) keep on scaring the western world.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

May 2013 Cyber Attacks Timeline Part I (more…)

Continue Reading1-15 May 2013 Cyber Attacks Timeline

1-15 May 2014 Cyber Attacks Timeline

Here we have with the list of the most significant Cyber Attacks happened in the first half of April (according to my very own point of view).

There are few doubts about the fact that Orange is the winner of the unwelcome prize for the most noticeable breach after the theft of the information of 1.3 million users.

Other interesting events related to Cyber Crime include the breach of Bitly, the famous URL shortening service and a new heist against a virtual currency wallet (this time the victim is Doge Vault, one of the most popular online repositories for the cryptocurrency Dogecoin).

Moving to Cyber Espionage, this month reports two interesting events, the theft of Data related to the Ukraine crisis from the Belgian Foreign Ministry, and the discovery of Operation Saffron Rose, a long-term campaign against western defense contractor carried on by a team of Iranian hackers dubbed Ajax Security Team.

Last but not least, among the hacktivists, chronicles report of  a new action of the infamous Syrian Electronic Army (against four accounts of The Wall Street journal) and the usual skirmishes between Pakistani and Indian hackers (but is questionable in my opinion to determine if those events can be classified as part of a harmless cyber war or are rather mutual actions between hactivists acting on opposite sides).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2014 Cyber Attacks Timelines (more…)

Continue Reading1-15 May 2014 Cyber Attacks Timeline

16-31 May 2014 Cyber Attacks Timeline

Here we are with the second part of the timeline of May (first part here).

Summer is coming here, and looks like attackers prefer to spend more  time in the beach rather than in front of their keyboards. In fact the number of reported attack is confirming its decreasing trend, at least for this part of the year.

Nonetheless, the second part of may has brought some noticeable events, such as the attack to Ebay (potentially 145 million accounts compromised), the attack against the Avast! Forum (400,000 records compromised) and the Arkansas State University (“only” 50,000 records). Other noticeable (and funny) event includes the hack of a San Francisco road sign by a prankster announcing the attack by Godzilla!

Cyber Spies were indeed pretty active in this period. Chronicles report of the Operation Clandestine Fox, a cyber attack against several industries in Australia, an undisclosed utility attacked in the US, a three year social network poisoning campaign sponsored by Iran and, last but not least, the alleged attack against the $12.7 million supercomputer in New Zealand from Chinese attackers.

Instead the operations from Law Enforcement Agencies against Hacktivists seem to be effective, the number of attacks motivated by hacktivism is dramatically reducing.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 May 2014 Cyber Attacks Timelinesv2

(more…)

Continue Reading16-31 May 2014 Cyber Attacks Timeline