1-15 November 2014 Cyber Attacks Timeline

The first half of November is gone, so it’s time for the list of the main cyber attacks occurred during these fifteen days.

Confirming the trend of the last months, the activity has been quite sustained. For sure, the most remarkable attack has targeted the Turkish branch of HSBC, and has affected 2.7 million customers, whose credit cards have been compromised (and apparently the bank has decided not to issue new cards for the impacted users).

Again the operations related to cyber espionage have played an important role: some new campaigns have come to light (for instance Darkhotel), and also several noticeable attacks have been discovered, like the one against the United States Postal Service (600,000 users affected) or the one against the National Oceanographic and Atmospheric Administration.

Even hacktivists have been quite active: the RedHack collective has reemerged from several months in stealth mode (they claim to have deleted 650,000 USD worth 0f electricity power debt), and some hackers claiming to be affiliated to the Anonymous collective have performed similar operations in Italy (in parallel with the delicate social and economical period) and the Philippines.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).1-15-november-2014-cyber-attacks-timeline

(more…)

Continue Reading 1-15 November 2014 Cyber Attacks Timeline

16-31 January 2013 Cyber Attacks Timeline

Two Weeks Living Dangerously! I have no other words to describe this second half of January (first two weeks here) that has shown an unprecedented level of attacks! And if a good day starts with the morning, this will be a very troubled year from an information security perspective.

Not only the peaks of DDoS attacks against the US Banks have reached an unstoppable peak, but, most of all, at the end of the month details have been unveiled about a massive cyber-espionage campaign allegedly orchestrated by Chinese hackers against some major US media including The New York Times, The Wall Street Journal, The Washington Post and Bloomberg News.

A very very long list of targets this month, with some high profile victims such as the U.S. Sentencing Commission, whose web site has been hacked twice and turned into an Asteroid game, but also Renault Argentina that suffered 37,000 accounts leaked.

To summarize this month is really impossible, you just have to scroll down the timeline to realize the hacking spree in this January 2013.

If this trend continues, I will have to decrease the frequency of publication…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.16-31-january-2013-cyber-attacks-timeline

(more…)

Continue Reading 16-31 January 2013 Cyber Attacks Timeline

June 2012 Cyber Attacks Timeline (Part II)

Part I (1-15 June) at this link

From an information security perspective, the second half of June has been characterized by the hacking collective UGNAZI (and its members) and also by an individual hacker: .c0mrade AKA @OfficialComrade.

Both entities have left behind them a long trail of Cyber Attacks against different targets (in several cases the real extent of the attack is uncertain) and with different techniques, although it is likely that the UGNAZI collective will be forced to change the plans after the arrest of the group’s leader, JoshTheGod, nearly at the end of the month (27thof June), effectively they have considerably reduced the rate of their cyber attacks in the second part of the analyzed period.

On the other hand, hospitals, banks, several major airlines are only few examples of the preys fallen under the attacks carried on by .c0mrade. Plese notce that from  Cyber Crime perspective,  is also interesting to notice the High Roller Operation, a giant fraud against the banking industry, unmasked by McAfee.

Needless to say, the Cyber War front is always hot, most of all in Middle East, were several DDoS attacks targeted some Israeli institutions and, most of all, an alleged unspecified massive Cyber Attack targeted tje Islamic Republic of Iran.

The hacktitic landscape is completely different: maybe hacktivists have chosen to go on vacation since June 2012 has apparently shown a decreasing trend, in sharp contrast with an year ago, when the information security community lived one of its most troubled periods.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timeline.

(more…)

Continue Reading June 2012 Cyber Attacks Timeline (Part II)

16-30 September 2012 Cyber Attacks Timeline

Part One with 1-15 September 201 Timeline Here.

September is over and it’s time to analyze this month from an Information Security perspective with the second part of the Cyber Attack Timeline.

Probably this month will be remembered for the massive outage of six  U.S. Banks (Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC ) caused by a wave of DDoS attack carried on by alleged Muslim hackers in retaliation for the infamous movie (maybe this term is exaggerated) “The Innocence of Muslims”.

China has confirmed its intense activity inside the Cyber space. Alleged (state-sponsored?) Chinese hackers were allegedly behind the attack to Telvent, whose project files of its core product OASyS SCADA were stolen after a breach, and also behind a thwarted spear-phishing cyber attack against the White House.

Adobe suffered a high-profile breach which caused a build server to be compromised with the consequent theft of a certificate key used to sign two malware strains found on the wild (with the consequent necessary revoke of the compromised key affecting approximately 1,100 files).

Last but not least, the Hacktivism fever has apparently dropped. September has offered some attacks on the wake of the #OpFreeAssange campaign, and a new wave of attacks at the end of the month after the global protests set for September, the 29th, under the hashtag of #29s.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

(more…)

Continue Reading 16-30 September 2012 Cyber Attacks Timeline

1-15 January 2013 Cyber Attacks Timeline

So here we are with the first Cyber Attacks Timeline for 2013 covering the first half of January.

Apparently the new year has begun with an intense activity by Cyber Crooks. Hacktivists and Cyber Criminals had many time to spend in front of their keyboards during the holiday break, and as a consequence the number of breaches with more than 10.000 accounts compromised is incredibly high. WWF China, the City of Steubenville, Ohio and The German Chamber of Commerce are only three examples of institutions that suffered massive breaches during the beginning of this year.

But the massive breaches are not the only remarkable events of this period: the waves of DDoS Attacks against US banks continued (and promise to extend also in the next weeks), Kaspersky Lab discovered a new massive Cyber Espionage Campaign dubbed “Red October”, and also the Japan Farm Ministry was hit by yet another Cyber Attack, allegedly originating from China…

If this is only the beginning… 2013 promises to be pretty much troubled for system administrators…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-15 January 2013 Cyber Attacks Timeline (more…)

Continue Reading 1-15 January 2013 Cyber Attacks Timeline

16-30 June 2013 Cyber Attacks Timeline

It’s time for the second part of the June 2013 Cyber Attacks Timeline (first part here).

The last two weeks of June have been characterized by an unusual cyber activity in the Korean Peninsula. In a dramatic escalation of events (coinciding with the 63rd anniversary of the start of the Korean War), both countries have attracted the unwelcome attentions of hacktivists and (alleged) state-sponsored groups, being targeted by a massive wave of Cyber attacks, with the South suffering the worst consequences (a huge amount of records subtracted by the attackers).

On the hacktivism front, the most remarkable events involved some actions in Brazil and Africa, and the trail of attacks in Turkey that even characterized the first half of the month. The chronicles of the month also report an unsuccessful operation: the results of the so-called OpPetrol have been negligible (most of all in comparison to the huge expectations) with few nuisance-level attacks.

On the cyber crime front, the most remarkable events involved the attacks against Blizzard, that forced the company to temporarily close mobile access to its auction service, a serious breach against a Samsung service in Kazakhstan, a targeted attack against the internal network of Opera Software (aimed to steal code signing certificates) and several attacks to some DNS registrars. In particular the most serious has been perpetrated against Network Solutions, affecting nearly 5000 domains, among which LinkedIn.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 June 2013 Cyber Atacks Timeline (more…)

Continue Reading 16-30 June 2013 Cyber Attacks Timeline

1-15 June 2014 Cyber Attacks Timeline

It just looks like attackers are enjoying the beginning of the Summer, since the first half of June confirms the decreasing trends.

The controversial 2014 World Cup has revived the hacktivists, and in particular the Anonymous collective who kicked off the Operation OpWorldCup, targeting Brazilian Governmental institutions and Sponsors of the World Cup.

Looking at the Cyber Crime, the most remarkable event of the month is the extortion attempt against  Belgian and French customers of Domino’s Pizza (650,000 users affected). It is also worth to mention the wave of DDoS attacks against Feedly and Evernote, in the first case motivated by extortion, and also the compromising of a US Army database in South Korea.

Last but not least, chronicle report the details of two Cyber Espionage Operations: Operation Molerat, originating allegedly from Middle East, and yet another one from China, discovered by Crowdstrike and attributed to a group dubbed Putter Panda.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2014 Cyber Attacks Timeline

(more…)

Continue Reading 1-15 June 2014 Cyber Attacks Timeline

1-15 December 2014 Cyber Attacks Timeline

It’s time for the first Cyber Attacks Timeline of December (and the last for 2014).

Of course the attention of the infosec professionals is still concentrated on the devastating cyber attack against Sony happened in November (and the world as we know it, won’t be the same again), nonetheless this first 15 days have shown some remarkable events, not least the news of a breach happened earlier this year to Sony (once again), which went unreported.

At least for once, let us start from hacktivism. The hacktivists seem to be back in action: the Anonymous have taken part, directly or indirectly to several operations motivated by the racial tensions in the US (DDoS attacks against Oakland and Ontario), the raids against the Pirate Bay (leaks of Governmental emails), and the protests against the new High Speed Train line connecting Turin and Lyon (the defacement of  Official website of the Rhône-Alpes region).

A different form of hacktivism (but the border with Cyber Warfare in this case is really blurred) hit Sands Casinos earlier this year. Bloomberg has revealed that an apparent innocuous defacement happened in February was actually the mark of a more devastating attack perpetrated by Iranian hackers, who were able to wipe out all the internal clients and servers.

The Cyber Crime landscape (again maybe it should be more correct to call it Cyber Warfare) is still dominated by the outcome of the Infamous attack to Sony. Other interesting events concern the attack to an unnamed steel industry in Germany, causing physical damages, yet another wave of DDoS attacks against Sony (again!) and XboX Live, and the alleged compromise of Ars Technica requiring the registered users to change their passwords.

Last but not least, the level of state-sponsored operations is always high: at least three of them deserve to be mentioned: Operation Cleaver (allegedly backed by Iran), the resurrection of the Red October Group (Cloud Atlas or Inception) and also the discovery that the ISIS is active also in the Cyber Space, targeting a group of Syrian activists.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2014 Cyber Attacks Timeline (more…)

Continue Reading 1-15 December 2014 Cyber Attacks Timeline