UPS – HACKMAGEDDON

16-31 August 2014 Cyber Attacks Timeline

Post author:Paolo Passeri
Post last modified:May 29, 2015
Post category:Cyber Attacks Timelines Security
Post comments:2 Comments
Reading time:7 mins read
Post published:September 1, 2014

August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month (first part here).

This period will be probably remembered for the massive cyber attack against Community Health Systems (4.5 million records compromised), the wave of coordinated attacks targeting JPMorgan Chase and at least four other US banks, the malware targeting 51 franchised stores of UPS, and, last but not least, the mother of all breaches in Korea (220 million records containing personal information 0f 27 million people). Another noticeable event was also the coordinated DDoS attacks against Sony Entertainment Network, Xbox Live and other online gaming services.

For what concerns cyber espionage, chronicles report, among other things, the massive coordinated cyber attack against 50 Norwegian oil and energy companies, the discovery of three cyber attacks (within the past three years) against the Nuclear Regulatory Commission, and the theft of classified information from the Malaysian agencies involved in the MH370 investigation.

Instead, nothing particularly meaningful has been reported for hacktivism: many sparse actions (mostly against direct or indirect interests of Israel) of limited impact and hence without particular consequences.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

(more…)

16-30 June 2013 Cyber Attacks Timeline

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyber Attacks Timelines Security
Post comments:0 Comments
Reading time:7 mins read
Post published:July 9, 2013

It’s time for the second part of the June 2013 Cyber Attacks Timeline (first part here).

The last two weeks of June have been characterized by an unusual cyber activity in the Korean Peninsula. In a dramatic escalation of events (coinciding with the 63rd anniversary of the start of the Korean War), both countries have attracted the unwelcome attentions of hacktivists and (alleged) state-sponsored groups, being targeted by a massive wave of Cyber attacks, with the South suffering the worst consequences (a huge amount of records subtracted by the attackers).

On the hacktivism front, the most remarkable events involved some actions in Brazil and Africa, and the trail of attacks in Turkey that even characterized the first half of the month. The chronicles of the month also report an unsuccessful operation: the results of the so-called OpPetrol have been negligible (most of all in comparison to the huge expectations) with few nuisance-level attacks.

On the cyber crime front, the most remarkable events involved the attacks against Blizzard, that forced the company to temporarily close mobile access to its auction service, a serious breach against a Samsung service in Kazakhstan, a targeted attack against the internal network of Opera Software (aimed to steal code signing certificates) and several attacks to some DNS registrars. In particular the most serious has been perpetrated against Network Solutions, affecting nearly 5000 domains, among which LinkedIn.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

(more…)

Fortune 500 Cyber Attacks Timeline

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyber Attacks Timelines Security
Post comments:3 Comments
Reading time:7 mins read
Post published:November 25, 2014

For the Infosec professionals, this troubled 2014 will be remembered for the trail of gigantic breaches unleashed nearly exactly one year ago, when the real outcome of the infamous Target breach became to emerge. The real extent of the breach was yet to be known, like also the fact that it would not have been an isolated case, but just the beginning of a nightmare.

However this is not the only example of a Fortune 500 company deeply hit, and thanks to a very smart hint by @bufferzone, I took the opportunity to collect in this timeline all the main cyber incidents involving Fortune 500 and Fortune 500 Global companies since 2011 to nowadays.

The adopted selection criteria take into considerations only incidents involving a direct impact on end users, so defacements have not been taken into consideration.

Fortune 500 Global companies are characterized by a blank value in the Rank column, whereas Fortune 500 companies are characterized by a red value. Also, when possible I inserted both values if the targeted company belongs to both charts and, in those cases in which a subsidiary company has been targeted, I have obviously inserted the rank of the parent company.

(more…)