16-31 August 2014 Cyber Attacks Timeline

August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month (first part here).

This period will be probably remembered for the massive cyber attack against Community Health Systems (4.5 million records compromised), the wave of coordinated attacks targeting JPMorgan Chase and at least four other US banks, the malware targeting 51 franchised stores of UPS, and, last but not least, the mother of all breaches in Korea (220 million records containing personal information 0f 27 million people). Another noticeable event was also the coordinated DDoS attacks against Sony Entertainment Network, Xbox Live and other online gaming services.

For what concerns cyber espionage, chronicles report, among other things, the massive coordinated cyber attack against 50 Norwegian oil and energy companies, the discovery of three cyber attacks (within the past three years) against the Nuclear Regulatory Commission, and the theft of classified information from the Malaysian agencies involved in the MH370 investigation.

Instead, nothing particularly meaningful has been reported for hacktivism: many sparse actions (mostly against direct or indirect interests of Israel) of limited impact and hence without particular consequences.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).16-31-august-2014-cyber-attacks-timeline-v2

(more…)

Continue Reading 16-31 August 2014 Cyber Attacks Timeline

Middle East Cyberwar Timeline Part II

The #OpMegaupload and its subsequent Cyber Attacks all over the world, are diverging the attention from what is happening in the Middle East where the Cyber Conflict between Arab and Israeli Hackers is proceeding at an apparently unstoppable pace which forced me to post an update for the events occurred in the last week.

The rapid escalation of personal information leaks which characterized in the first two weeks of January has slightly changed shape, being replaced in the third week by Defacements and DDoS campaigns (targeting also the web sites of two Israeli Hospitals, as to say that a Cyber Geneva Convention is needed). Other dumps has also occurred, but not of the same scale as the first two weeks of January.

Besides the mutual DDoS and defacements to each other web sites, so far a quick calculation shows that since the beginning of this cyber war Arab Hackers have dumped more than 410,000 Credit Cards and 170,000 accounts, while the Israeli Counterparts have published approximately 11,000 Credit Cards, details of 140,000 individuals and 105,000 emails. Even if these data have to be taken with attention since many records have proven to be duplicated or fake, one consideration is clear: even Cyber Wars have their digital casualties.

The worst is yet to come?

(more…)

Continue Reading Middle East Cyberwar Timeline Part II

January 2012 Cyber Attacks Timeline (Part 2)

Click here for part 1.

The second half of January is gone, and it is undoubtely clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-Based DDoS (with a brand new self service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).

Chronicles also reports a cyber attack to railways, several cyber attacks to universities, a preferred target, and also of a bank robbery in South Africa which allowed the attackers to steal $6.7 million.

Do you think that cyber attacks in this month crossed the line and the Cyber Chessboard will not be the same anymore? It may be, meanwhile do not forget to follow @paulsparrows to get the latest timelines and feel free to support and improve my work with suggeastions and other meaningful events I eventually forgot to mention.

(more…)

Continue Reading January 2012 Cyber Attacks Timeline (Part 2)