16-31 August 2014 Cyber Attacks Timeline

August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month (first part here).

This period will be probably remembered for the massive cyber attack against Community Health Systems (4.5 million records compromised), the wave of coordinated attacks targeting JPMorgan Chase and at least four other US banks, the malware targeting 51 franchised stores of UPS, and, last but not least, the mother of all breaches in Korea (220 million records containing personal information 0f 27 million people). Another noticeable event was also the coordinated DDoS attacks against Sony Entertainment Network, Xbox Live and other online gaming services.

For what concerns cyber espionage, chronicles report, among other things, the massive coordinated cyber attack against 50 Norwegian oil and energy companies, the discovery of three cyber attacks (within the past three years) against the Nuclear Regulatory Commission, and the theft of classified information from the Malaysian agencies involved in the MH370 investigation.

Instead, nothing particularly meaningful has been reported for hacktivism: many sparse actions (mostly against direct or indirect interests of Israel) of limited impact and hence without particular consequences.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).16-31-august-2014-cyber-attacks-timeline-v2

(more…)

Continue Reading16-31 August 2014 Cyber Attacks Timeline

16-31 January 2013 Cyber Attacks Timeline

Two Weeks Living Dangerously! I have no other words to describe this second half of January (first two weeks here) that has shown an unprecedented level of attacks! And if a good day starts with the morning, this will be a very troubled year from an information security perspective.

Not only the peaks of DDoS attacks against the US Banks have reached an unstoppable peak, but, most of all, at the end of the month details have been unveiled about a massive cyber-espionage campaign allegedly orchestrated by Chinese hackers against some major US media including The New York Times, The Wall Street Journal, The Washington Post and Bloomberg News.

A very very long list of targets this month, with some high profile victims such as the U.S. Sentencing Commission, whose web site has been hacked twice and turned into an Asteroid game, but also Renault Argentina that suffered 37,000 accounts leaked.

To summarize this month is really impossible, you just have to scroll down the timeline to realize the hacking spree in this January 2013.

If this trend continues, I will have to decrease the frequency of publication…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.16-31-january-2013-cyber-attacks-timeline

(more…)

Continue Reading16-31 January 2013 Cyber Attacks Timeline

February 2012 Cyber Attacks Timeline

Find here February 2012 Cyber Attacks Timelime Part I.

With a small  delay (my apologies but the end of February has been very busy for me and not only for Cybercrooks as you will soon see), here it is the second part of my compilation with the main Cyber Attacks for February 2012.

Easily Predictable, the Hacktivism is still the main concern for System Administrators, in particular for the ones of Stratfor who suffered a huge leak of 5 million of emails.

On the same front, the threats of the Anonymous for the Friday actions have come true and as a matter of fact Law Enforcement Agencies suffered other remarkable breaches in this month: Infragard for the second time and also Interpol (a new entry) that was taken down after the arrest of 25 members of the collective. Anti ACTA protest also continue to shake Europe as also the delicate economical and social situation in Greece.

Last but not least, this month has also seen an unforgettable leak, affecting potentially more than 1.000.000 Youporn users.

As usual, the chart does not include the events related to Middle East Cyber War Timeline, that you may find at this link, as they “deserve” a dedicated timeline.

After the jump you find all the references, follows @paulsparrows for the latest updates on a regular basis and also have a look to the 2012 Cyber Attacks Timeline Master Index.

(more…)

Continue ReadingFebruary 2012 Cyber Attacks Timeline

1-15 January 2013 Cyber Attacks Timeline

So here we are with the first Cyber Attacks Timeline for 2013 covering the first half of January.

Apparently the new year has begun with an intense activity by Cyber Crooks. Hacktivists and Cyber Criminals had many time to spend in front of their keyboards during the holiday break, and as a consequence the number of breaches with more than 10.000 accounts compromised is incredibly high. WWF China, the City of Steubenville, Ohio and The German Chamber of Commerce are only three examples of institutions that suffered massive breaches during the beginning of this year.

But the massive breaches are not the only remarkable events of this period: the waves of DDoS Attacks against US banks continued (and promise to extend also in the next weeks), Kaspersky Lab discovered a new massive Cyber Espionage Campaign dubbed “Red October”, and also the Japan Farm Ministry was hit by yet another Cyber Attack, allegedly originating from China…

If this is only the beginning… 2013 promises to be pretty much troubled for system administrators…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-15 January 2013 Cyber Attacks Timeline (more…)

Continue Reading1-15 January 2013 Cyber Attacks Timeline

1-15 May 2013 Cyber Attacks Timeline

And here we are with our bi-weekly review of the main cyber attacks. This time is the turn of the first half of May.

Probably this month will be remembered for the huge cyber-heist against two Payment Processors, and affecting two banks (National Bank of Ras Al-Khaimah PSC in the United Arab Emirates and the Bank of Muscat in Oman), which suffered a massive loss of $45 million due to an endless wave of unlimited withdrawals from their ATMs.

Other relevant actions related to Cyber-criminal operations include the massive breaches against MSI Taiwan (50,000 records affected) and most of all, the Washington state Administrative Office of the Courts (up to 160,000 SSN and 1 million driver’s license numbers).

On the other hand, the hacktivists concentrated their efforts on the so-called OpUSA (7 May), even if it looks like that most of the attacks were nuisance-level. Instead, and this is a great news, after months of intense activity, the operation Ababil come to a stop.

On the cyber war front, this month reports an unedited conflict between Taiwan and Philippines.

Last but not least, even if this attack dates back to 2007, on the Cyber-Espionage front, Bloomberg has shaken this lazy month revealing the repeated attacks by the infamous Comment Crew hackers against Qinetiq, a very critical Defense contractor. The cyber threats from the Red Dragon (real or alleged) keep on scaring the western world.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

May 2013 Cyber Attacks Timeline Part I (more…)

Continue Reading1-15 May 2013 Cyber Attacks Timeline