December 2011 Cyber Attacks Timeline (Part I)

As usual, here it is my compilation of December Cyber Attacks.

It looks like that Christmas approaching is not stopping hackers who targeted a growing number of  organizations including several security firms (Kaspersky, Nod 32 and Bitdefender) even if in secondary domains and with “simple” defacements.

Cyber chronicles report of Gemnet, another Certification Authority Breached in Holland (is the 12th security incident targeting CAs in 2011) and several massive data breaches targeting Finland (the fifth this year, affecting 16,000 users), online gambling (UB.com affecting 3.5 million of users),  Telco (Telstra, affecting 70,000 users), and gaming, after the well known attacks to Sony, Sega and Nintendo, with Square Enix, which suffered a huge attacks compromising 1,800,000 users (even if it looks like no personal data were affected).

Online Payment services were also targeted by Cybercrookers: a Visa East European processor has been hit by a security breach, but also four Romanian home made hackers have been arrested for a massive credit card fraud affecting 200 restaurants for a total of 80,000 customers who had their data stolen.

As usual, hacktivism was one of the main trends for this first half of the month, which started with a resounding hacking to a Web Server belonging to ACNUR (United Nations Refugees Agency) leaking more than 200 credentials including the one belonging to President Mr. Barack Obama.

But from a mere hactvism perspective, Elections in Russia have been the main trigger as they indirectly generated several cyber events: not only during the election day, in which three web sites (a watchdog and two independent news agencies) were taken down by DDoS attacks, but also in the immediately following days, when a botnet flooded Twitter with Pro Kremlin hashtags, and an independent forum was also taken down by a further DDoS attacks. A trail of events which set a very dangerous precent.

Besides the ACNUR Hack, the Anonymous were also in the spotlight (a quite common occurrence this year) with some sparse attacks targeting several governments including in particular Brazil, inside what is called #OpAmazonia.

Even if not confirmed, it looks like that Anonymous Finland might somehow be related to the above mentioned breach occurred in Finland.

Other interesting events occurred in the first two weeks of December: the 0-day vulnerability affecting Adobe products, immediately exploited by hackers to carry on tailored phishing campaigns and most of hall, a targeted attack to a contractor, Lockheed Martin, but also another occurrence of DNS Cache Poisoning targeting the Republic of Congo domains of Google, Microsoft, Samsung and others.

Last but not least, the controversial GPS Spoofing, which allegedly allowed Iran to capture a U.S. Drone, even the GPS Spoofing on its own does not completely solve the mistery of the capture.

Other victims of the month include Norwich Airport, Coca Cola, and another Law Enforcement Agency (clearusa.org), which is currently unaivalable.

As usual after the page break you find all the references.

(more…)

Continue ReadingDecember 2011 Cyber Attacks Timeline (Part I)

Middle East Cyber War Timeline

Feb 19 2012: Middle East Cyber War Timeline Master Index

I tried to summarize the chain of events that is characterizing the Cyber Escalation in the Middle East. I collected the information from several sources in order to provide a detailed picture of what is happening between Israel and the Arab Countries since the initial claim of 0xOmar. Observing the evolution of the chart, the Cyber conflicts seems to follow the same rules than real wars: innocent victims, propaganda and psyops, different paths of escalation and guerrilla tactics. This Cyber Conflict in Middle East is probably crossing the line: from now the landscape will not be the same anymore.

From the initial action of 0xOmar to the Israeli reaction, passing through the declaration of Cyber Jihad (the chart is updated to Sunday, the 22nd of January), (too) many events have happened, involving different hacking crews, different countries (also some French and Canadian web sites have been defaced) and different kind of attacks. What was started as an endless chain of massive leaks seems to be evolving as isolated actions typical of guerrilla.

Follow the line of a Cyber conflict that, similarly to the real one occurring in the Middle East, appears far from being solved…

(more…)

Continue ReadingMiddle East Cyber War Timeline

Middle East Cyber War Timeline (Part VIII)

This last week has seen some remarkable events an undoubtable revamp of data leaks inside the Middle East Cyberwar.

Not only the infamous 0xOmar, the initiator of the Middle East Cyber War, reappeared, leaking alleged secret data from some Israeli Virtual Israeli Air Force School websites; but also the Pakistani zCompany Hacking Crew has re-entered the scene unchaining the original weapon, that is the Credit Card leak. As a matter of fact ZHC published 5,166 records containing working credit cards, usernames, emails and addresses of individual supporters of the Zionist Organisation of UK & Ireland (zionist.org.uk).

On a different front, the massive defacements of websites all over the world in support of #OpFreePalestine continued. Under the label of the same operation, the Anonymous also “doxed” several companies and individuals on pastebin.

As far as the two main contenders (Iran and Israel) are concerned, the strategies seem quite different.

Iran has shown a cyber activity culminated in the alleged attack against the BBC Persian Service. For this nation, it is also important to notice its “cyber autarky”, maybe a choice forced by the embargo, that led to the creation of an internal email service, in contrast to the traditional Gmail, Yahoo, etc. This happens few weeks after the decision to develop an internal Antivirus.

On the opposite front, Israel keeps on its apparent cyber silence. Is it the prelude for the feared military action against Iran?

If you want to be constantly updated on the Middle East Cyber War, at this link you find the complete timeline. Also follow @paulsparrows on Twitter for the latest updates!

(more…)

Continue ReadingMiddle East Cyber War Timeline (Part VIII)