15-31 May 2013 Cyber Attacks Timeline

And here we are with the second part of the Cyber Attacks Timeline for May (first part here).

The second half of the month has shown an unusual activity with several high-profile breaches motivated by Cyber-Crime or Hacktivism, but also with the disclosure of massive Cyber-Espionage operations.

The unwelcome prize for the “Breach of the Month” is for Yahoo! Japan, that suffered the possible compromising of 22 million users (but in general this was an hard month for the Far East considering that also Groupon Taiwan suffered an illegitimate attempt to access the data of its 4.1 million of customers).

On the cyber-espionage front, the leading role is for the Chinese cyber army, accused of compromising the secret plans of advanced weapons systems from the U.S. and the secret plans for the new headquarter of the Australian Security Intelligence Organization.

On the Hacktivism front, this month has been particularly troubled for the South African Police, whose web site has been hacked with the compromising of 16,000 individuals, including 15,700 whistle-bowlers.

Other noticeable events include the unauthorized access against the well known open source CMS Drupal (causing the reset of 1 million of passwords), the trail of hijacked Twitter accounts by the Syrian Electronic Army and also an unprecedented wave of attacks against targets belonging to Automotive.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).may-2013-cyber-attacks-timeline-part-ii1

(more…)

Continue Reading 15-31 May 2013 Cyber Attacks Timeline

One Year Of Lulz (Part I)

Update December 26: 2011 is nearly gone and hence, here it is One Year Of Lulz (Part II)

This month I am a little late for the December Cyber Attacks Timeline. In the meantime, I decided to collect on a single table the main Cyber Attacks for this unforgettable year.

In this post I cover the first half (more or less), ranging from January to July 2011. This period has seen the infamous RSA Breach, the huge Sony and Epsilon breaches, the rise and fall of the LulzSec Group and the beginning of the hot summer of Anonymous agsainst the Law Enforcement Agencies and Cyber Contractors. Korea was also affected by a huge breach. The total cost of all the breaches occurred inthis period (computed with Ponemon Institute’s estimates according to which the cost of a single record is around 214$) is more than 25 billion USD.

As usual after the page break you find all the references.

(more…)

Continue Reading One Year Of Lulz (Part I)

16-31 May 2014 Cyber Attacks Timeline

Here we are with the second part of the timeline of May (first part here).

Summer is coming here, and looks like attackers prefer to spend more  time in the beach rather than in front of their keyboards. In fact the number of reported attack is confirming its decreasing trend, at least for this part of the year.

Nonetheless, the second part of may has brought some noticeable events, such as the attack to Ebay (potentially 145 million accounts compromised), the attack against the Avast! Forum (400,000 records compromised) and the Arkansas State University (“only” 50,000 records). Other noticeable (and funny) event includes the hack of a San Francisco road sign by a prankster announcing the attack by Godzilla!

Cyber Spies were indeed pretty active in this period. Chronicles report of the Operation Clandestine Fox, a cyber attack against several industries in Australia, an undisclosed utility attacked in the US, a three year social network poisoning campaign sponsored by Iran and, last but not least, the alleged attack against the $12.7 million supercomputer in New Zealand from Chinese attackers.

Instead the operations from Law Enforcement Agencies against Hacktivists seem to be effective, the number of attacks motivated by hacktivism is dramatically reducing.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 May 2014 Cyber Attacks Timelinesv2

(more…)

Continue Reading 16-31 May 2014 Cyber Attacks Timeline