16-31 March 2013 Cyber Attacks Timeline

First part here: 1-15 March 2013 Cyber Attacks Timeline

March is gone and hence it is time to analyze the events that characterized the past month.

Two events in particular gained the first pages of the magazines: the wiper malware in Korea and the DDoS attack against Spamhaus that, maybe exaggerating, has been defined the “biggest attack in history”.

But these were not the only noticeable attacks in this second part of the month: the Operation Ababil of the Izz ad-din al-Qassam Cyber Fighters against U.S. banks achieved a new phase, constantly disrupting the connectivity of several high profile financial targets, including Chase, USBank, etc.; Telenor admitted to have been hacked by high-tech spies emptying the content of executives’ personal computers, and also the Anonymous claimed to have breached the Mossad, despite there are many doubts about this last attack.

Other important events include a breach against MTV Taiwan (600,000 accounts), McDonald’s (200,000 accounts), the Turkish Ministry Of Economy (96,000 accounts), and Renault Colombia (31,000 accounts leaked).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31-march-2013-cyber-attacks-timeline (more…)

Continue Reading16-31 March 2013 Cyber Attacks Timeline

March 2012 Cyber Attacks Timeline (Part II)

First Part: March 2012 Cyber Attacks Timeline (Part I)

It is time for the second part of the March 2012 Cyber Attacks Timeline, a month that will probably be remembered for the breach occurred to Global Payments, a credit card processor, whose aftermath may potentially affect up to 10 million credit card holders belonging, among the others, to Visa and MasterCard.

On the hacktivism front, not even three weeks after the arrest of several LulzSec members, a new hacking crew has appeared whose name, LulzSecReborn, clearly reminds the infamous collective and its Days of Lulz. They entered the scene with a noticeable, albeit discussed, leak: more than 170.000 records from a military dating site.

Other remarkable hacktivism-led cyber attacks include the so called #OpFariseo, a wave of Cyber Attacks targeting websites related to the visit of the Pope in Mexico, and a new cyber attack to PBS. It is also important to notice the debut of the Anonymous in China, a debut characterized by a massive wave of defacements.

Last but not least, among the events of this month there is one which in particular deserves a mention, and is the leak which targeted Vector Inc., a Japanese computer selling firm, potentially affecting more than 260,000 users.

As usual after the jump you will find all the references.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @pausparrows on Twitter for the latest updates.

(more…)

Continue ReadingMarch 2012 Cyber Attacks Timeline (Part II)

June 2012 Cyber Attacks Timeline (Part II)

Part I (1-15 June) at this link

From an information security perspective, the second half of June has been characterized by the hacking collective UGNAZI (and its members) and also by an individual hacker: .c0mrade AKA @OfficialComrade.

Both entities have left behind them a long trail of Cyber Attacks against different targets (in several cases the real extent of the attack is uncertain) and with different techniques, although it is likely that the UGNAZI collective will be forced to change the plans after the arrest of the group’s leader, JoshTheGod, nearly at the end of the month (27thof June), effectively they have considerably reduced the rate of their cyber attacks in the second part of the analyzed period.

On the other hand, hospitals, banks, several major airlines are only few examples of the preys fallen under the attacks carried on by .c0mrade. Plese notce that from  Cyber Crime perspective,  is also interesting to notice the High Roller Operation, a giant fraud against the banking industry, unmasked by McAfee.

Needless to say, the Cyber War front is always hot, most of all in Middle East, were several DDoS attacks targeted some Israeli institutions and, most of all, an alleged unspecified massive Cyber Attack targeted tje Islamic Republic of Iran.

The hacktitic landscape is completely different: maybe hacktivists have chosen to go on vacation since June 2012 has apparently shown a decreasing trend, in sharp contrast with an year ago, when the information security community lived one of its most troubled periods.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timeline.

(more…)

Continue ReadingJune 2012 Cyber Attacks Timeline (Part II)

1-15 August 2013 Cyber Attacks Timeline

The first half of August has gone, so it is time for the Cyber Attacks Timeline summarizing the main events occurred in this period.

Looks like the massive breaches have decided to have a break during August. Although the first fifteen days have shown a remarkable number of attacks, no huge leaks have been recorded.

The only exception is the latest attack to the United States Department of Energy (14,000 individuals potentially affected) and the one targeting the Ferris State University with nearly 60,000 records potentially affected.

Other remarkable events include the attacks against Opscode and Crytek. In this latter case four websites have been temporarily taken down.

Last but not least, the Syrian Electronic Army is back in action, and its wave of Social Engineering attack has directly and indirectly hit many primary targets such as Channel 4 and the New York Post (via the hack to the SocialFlow platform).

Important: this period has also seen an high cyber activity between India and Pakistan. The attacks deserve a dedicated timeline to be published very soon. So they will not appear in this timeline.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 August 2013 Cyber Attacks Timeline Addendum (more…)

Continue Reading1-15 August 2013 Cyber Attacks Timeline