1-15 December 2013 Cyber Attacks Timeline

Maybe hackers are feeling the Christmas atmosphere since this first half of December has recorded a minor number of attacks in comparison with the previous months. However considering merely the number of attacks to evaluate the cyber landscape could bring to wrong conclusions since, even if in absolute terms the number of attacks has experienced a decrease, in several cases the amount of affected users has been really considerable.

This is the case, for instance, of the 20 million of records leaked in China (and found on WeChat) or the 2.4 million of students and employees of Maricopa Community College compromised in an Aprl Security Breach.

It is really curious to notice that in (too) many cases the breaches have been notified several months later. As also happened for JP Morgan Chase, who also had 456,000 owners of prepaid cash cards compromised in July and notified only in December.

Concerning Cyber Espionage, chronicles report of an alleged Chinese Cyber Attack during the 2013 G8 Summit in Russia, while hacktivists were constantly active in Ukraine, Turkey, India, Syria (indirectly) and, a new Entry for December, Angola.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2013 Cyber Attacks Timeline (more…)

Continue Reading1-15 December 2013 Cyber Attacks Timeline

16-31 December 2013 Cyber Attacks Timeline

Let’s give the welcome to this new infosec year with the first timeline of 2014 (or better the last of 2013) summarizing the main events occurred in the second half of December 2013.

With no doubt, this holiday season has been characterized by the Target breach, whose size is constantly growing (110 million the number of potential victims according to recent estimates). This massive incident has somehow shadowed another massive breached occurred in Turkey, were Russian hackers have allegedly been able to obtain 54 million citizens’ ID Data. With similar numbers, the 300.000 users potentially affected by the Cyber Attack involving Affinity Gaming appear risible.

Other considerable events include a Christmas Intrusion on a BBC server (with the author possibly selling the backdoor access on the underground) and yet another possible intrusion by Chinese hackers on a US target, specifically the Federal Election Commission.

Nothing particularly significant on the hacktivism front characterized by the consolidated “background noise” of events whose sizes are well far from the levels of the recent years.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December 2013 Cyber Attacks Timeline Update2 (more…)

Continue Reading16-31 December 2013 Cyber Attacks Timeline

1-15 April 2014 Cyber Attacks Timeline

And here it is the timeline reporting the Cyber Attacks happened during the first half of April 2014, a month probably long remembered within the Infosec Chronicles for the discovery of the terrible Heartbleed bug (two attacks have been recorded, so far, related to this devastating vulnerability).

Besides the infamous Heartbleed, the most important events of this timeline are related to Cyber Crime. Germany in particular had a bad surprise, with the discovery of a list of 18 million compromised e-mail accounts and passwords, affecting all major German Internet service providers. The list of the remarkable targets also includes Lacie, victim of a malware putting at risk the users who performed on-line purchases from the company web site, the Harley Medical Group (500,000 accounts potentially compromised) and, once again, South Korea where unknown hackers were able to steal the personal information of about 200,000 credit card users, racking up fraudulent charges of about $115,ooo.

The feared wave of cyber attacks against Israel, promised by several Anonymous affiliated hacktivists for the 7th of April, did not happen. The impact of the attacks was limited and in many cases several old leaks were ‘recycled’.

Last but not least, Germany’s Space Research Center in Cologne, was the victim of a targeted attack. Suspects point to China.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Apr 2014 Cyber Attacks Timelines (more…)

Continue Reading1-15 April 2014 Cyber Attacks Timeline