RAT – HACKMAGEDDON

16-31 August 2014 Cyber Attacks Timeline

Post author:Paolo Passeri
Post last modified:May 29, 2015
Post category:Cyber Attacks Timelines Security
Post comments:2 Comments
Reading time:7 mins read
Post published:September 1, 2014

August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month (first part here).

This period will be probably remembered for the massive cyber attack against Community Health Systems (4.5 million records compromised), the wave of coordinated attacks targeting JPMorgan Chase and at least four other US banks, the malware targeting 51 franchised stores of UPS, and, last but not least, the mother of all breaches in Korea (220 million records containing personal information 0f 27 million people). Another noticeable event was also the coordinated DDoS attacks against Sony Entertainment Network, Xbox Live and other online gaming services.

For what concerns cyber espionage, chronicles report, among other things, the massive coordinated cyber attack against 50 Norwegian oil and energy companies, the discovery of three cyber attacks (within the past three years) against the Nuclear Regulatory Commission, and the theft of classified information from the Malaysian agencies involved in the MH370 investigation.

Instead, nothing particularly meaningful has been reported for hacktivism: many sparse actions (mostly against direct or indirect interests of Israel) of limited impact and hence without particular consequences.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

(more…)

The Alphabet of Cyber Crime from APT to Zeus

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Security
Post comments:0 Comments
Reading time:9 mins read
Post published:February 24, 2012

If you need to know what Cyber Crime is but you are bored and fed up with the too many information security terms, loosing yourself among the acronyms, you have stumbled upon the correct place. I have just compiled a very special alphabet which collects the terms related to Cybercrime. Forgive me for some “poetic license” and enjoy this half-serious list.

A like APT

Yes, the Advanced Persistent Threats have been the undisputed protagonists of 2011. An APT is essentially an attack carried on with different vectors, different stages and on a distributed time windows (yes, it Persistent). APT are behind the most remarkable events of 2011 such as the RSA Breach, Stuxnet, and so on…

B like Botnet

Botnet are networks of compromised machines that are used by cybercriminals to perpetrate their malicious action. Tipically a compromised machine becomes part of a botnet where the master distributes the commands from a C&C Server. Command may include the theft of information or the attack to other machines.

C like Crime-As-A-Service

The last frontier of Cybercrime: why developing costly malware if you can find a wide offer of customizable malware on the black market offering help desk and support services?

D like DLP

Data Leackage (or Lost) prevention is a suite of technologies that may help organization to counter the theft of information by preventing misuse or leak of data while they are in use at the endpoint (DIU), in transit on the network (DIM), or simply it is an aggregated Dark Matter on the corporate servers (DAR) that needs to be indexed and cataloged (and possibly classified and assessed).

(more…)

February 2012 Cyber Attacks Timeline

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyber Attacks Timelines Cyberwar Security
Post comments:1 Comment
Reading time:6 mins read
Post published:March 5, 2012

Find here February 2012 Cyber Attacks Timelime Part I.

With a small delay (my apologies but the end of February has been very busy for me and not only for Cybercrooks as you will soon see), here it is the second part of my compilation with the main Cyber Attacks for February 2012.

Easily Predictable, the Hacktivism is still the main concern for System Administrators, in particular for the ones of Stratfor who suffered a huge leak of 5 million of emails.

On the same front, the threats of the Anonymous for the Friday actions have come true and as a matter of fact Law Enforcement Agencies suffered other remarkable breaches in this month: Infragard for the second time and also Interpol (a new entry) that was taken down after the arrest of 25 members of the collective. Anti ACTA protest also continue to shake Europe as also the delicate economical and social situation in Greece.

Last but not least, this month has also seen an unforgettable leak, affecting potentially more than 1.000.000 Youporn users.

As usual, the chart does not include the events related to Middle East Cyber War Timeline, that you may find at this link, as they “deserve” a dedicated timeline.

After the jump you find all the references, follows @paulsparrows for the latest updates on a regular basis and also have a look to the 2012 Cyber Attacks Timeline Master Index.

(more…)

May 2012 Cyber Attacks Timeline (Part I)

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyber Attacks Timelines Security
Post comments:1 Comment
Reading time:7 mins read
Post published:May 17, 2012

Update June 4 2012: May 2012 Cyber Attacks Timeline (Part II)

As usual here it is the timeline of the Main Cyber Attacks occurred in May (at least according to my evaluation criteria).

This first half of the month has seen the arrival of a new hacking collective, “The Unknowns”, who has performed an impressive trail of attacks during the first days of May, targeting Space Agencies, Universities, and several other organizations. Although these events appear to be closer to cyber crime actions rather than hactivistim-driven attacks, they have not been the most remarkable ones of these days: as a matter of fact chronicles report of a massive breach at the Hangzhou Dianzi University, targeting approximately 150.000 acccounts.

As far as hacktivism is concerned, this first half of May has confirmed the constant trend of DDoS attacks targeting high profile websites such as SOCA and CIA (once again) and the Supreme Court in retaliation for the U.K. extradition laws.

Interesting to mention is also an alleged Cyber Espionage campaign targeting networks belonging to US natural gas pipeline companies.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

(more…)

16-30 September 2012 Cyber Attacks Timeline

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyber Attacks Timelines Security
Post comments:2 Comments
Reading time:8 mins read
Post published:October 4, 2012

Part One with 1-15 September 201 Timeline Here.

September is over and it’s time to analyze this month from an Information Security perspective with the second part of the Cyber Attack Timeline.

Probably this month will be remembered for the massive outage of six U.S. Banks (Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC ) caused by a wave of DDoS attack carried on by alleged Muslim hackers in retaliation for the infamous movie (maybe this term is exaggerated) “The Innocence of Muslims”.

China has confirmed its intense activity inside the Cyber space. Alleged (state-sponsored?) Chinese hackers were allegedly behind the attack to Telvent, whose project files of its core product OASyS SCADA were stolen after a breach, and also behind a thwarted spear-phishing cyber attack against the White House.

Adobe suffered a high-profile breach which caused a build server to be compromised with the consequent theft of a certificate key used to sign two malware strains found on the wild (with the consequent necessary revoke of the compromised key affecting approximately 1,100 files).

Last but not least, the Hacktivism fever has apparently dropped. September has offered some attacks on the wake of the #OpFreeAssange campaign, and a new wave of attacks at the end of the month after the global protests set for September, the 29^th, under the hashtag of #29s.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

(more…)