you-r!-k@n

Middle East Cyberwar Timeline Part II

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyber Attacks Timelines Cyberwar Security
Post comments:4 Comments
Reading time:5 mins read
Post published:January 29, 2012

The #OpMegaupload and its subsequent Cyber Attacks all over the world, are diverging the attention from what is happening in the Middle East where the Cyber Conflict between Arab and Israeli Hackers is proceeding at an apparently unstoppable pace which forced me to post an update for the events occurred in the last week.

The rapid escalation of personal information leaks which characterized in the first two weeks of January has slightly changed shape, being replaced in the third week by Defacements and DDoS campaigns (targeting also the web sites of two Israeli Hospitals, as to say that a Cyber Geneva Convention is needed). Other dumps has also occurred, but not of the same scale as the first two weeks of January.

Besides the mutual DDoS and defacements to each other web sites, so far a quick calculation shows that since the beginning of this cyber war Arab Hackers have dumped more than 410,000 Credit Cards and 170,000 accounts, while the Israeli Counterparts have published approximately 11,000 Credit Cards, details of 140,000 individuals and 105,000 emails. Even if these data have to be taken with attention since many records have proven to be duplicated or fake, one consideration is clear: even Cyber Wars have their digital casualties.

The worst is yet to come?

(more…)

Middle East Cyber War Timeline Part III

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyberwar Security
Post comments:4 Comments
Reading time:4 mins read
Post published:February 4, 2012

Jan 22: Middle East Cyber War Timeline Part I

Jan 29: Middle East Cyber War Timeline Part II

Feb 12: Middle East Cyber War Timeline Part IV

The more I look inside the Middle East Cyber War between Israel and the Arab Hackers, the more I realize that it follows exactly the same shape than the real conflict.

In particular this last week has seen a strong reduction of the cyber events between the involved parties, although it is not clear if this was due to stronger cyber defenses enforced, or it was rather a kind of “calm before the storm”.

Among the reported events I considered particularly meaningful the attack of InLightPress, a Palestinian news website, of whom I did not find any other report except the one quoted in the Infographic which comes from a Pro-Israeli Website (this is the reason why this event must be considered with the necessary caution). Maybe it is not directly related to the Middle East Cyber War, anyway it looks like this attack was not originated by Israeli hackers, but had rather been “commissioned” by the Palestinian Authority. In the real world political parties or movement have different wings (typically hawks and doves), it looks like this is true for the cyber world as well. On the other hand, some believe that also the attack carried on last week against the Israeli newspaper Haaretz, considered close to Pro-Palestinian movements, has an internal origin, that maybe explains the subsequent excuses by the alleged authors of the attack (BTW at the above link there is an interesting list of the hack published in pastebin by the Israeli Hackers).

Do you believe the descending trend of the cyber events will be confirmed in the next period, or it is rather a temporary cyber truce before the digital storm?

(more…)

Middle East Cyber War Timeline (Part IV)

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyberwar Security
Post comments:3 Comments
Reading time:4 mins read
Post published:February 11, 2012

Another week, another wave of attacks between the two cyber contenders (here: Part I, Part II, Part III).

After some mutual attacks in terms of DDoS and defacements (with a new entry from Morocco and a resounding defacement against the Tel Aviv University Security Studies Program website, the head of the National Cyber Defense Authority), this week has seen the revamping of Credit Cards leaks “thanks” to Zcompany Hacker crew, who dumped more than 200 Credit Cards belonging to Israel And United States.

Even considering this latter event, however, the timeline seems to have confirmed the descending trend, with the early actors of both parties apparently quiet inside their virtual shelters (maybe to elaborate new strategies). But in this apparently calm sky a new thunderstorm threatens the horizon: it is the Anonymous which posted a message promising a reign of terror for Israel…

If you have a look to the Middle East nations involved in the cyber conflict which made attacks or suffered attacks (depicted in the map below that does not include U.S. victim of the latest Credit Card leak and France whose Council of Jewish Institutions was hacked earlier in June), you may easily notice that the virtual geopolitics reflect nearly exactly the real ones (the dotted arrow from Iran indicates the uncertainty of the nationality of OxOmar) with the new entry of Pakistani ZHC.

(more…)

A New Beginning For The Middle East Cyberwar?

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Security
Post comments:2 Comments
Reading time:2 mins read
Post published:May 17, 2012

After several months of silence, a new resounding dump in Middle East. I have just received an email message from…

May 2012 Cyber Attacks Timeline (Part II)

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyber Attacks Timelines Security
Post comments:0 Comments
Reading time:8 mins read
Post published:June 4, 2012

As usual, here it is the second part of the Cyber Attacks Timeline for the month of May 2012: a month particularly rich of Cyber Events. As you will probably know, the Flame malware has monopolized the attention, deserving the most attention from the Information Security Professional.

Nevertheless the scene has offered many interesting events, among which it worths to mention the breach of 123,000 federal employees records, the breach affecting University of Nebraska, and, last but not least, the breach against WHCMS (which, as we will soon see, has proved to be fatal for its author).

The hacktivist front is still hot and preannounces another hot summer. On the other hand the authors of several remarkable cyber-criminal actions are probably going to leave the scene: the long trail of arrests made by Law Enforcement Agencies against hackers has continued in this month and has hence led to the arrest of Cosmo, the leader of the infamous group UGNazi, which claimed to be the author of the Cyber Attack against WHCMS.

In your opinion are the arrests against hackers really going to stop the growing number of Cyber Attacks (acting as a deterrent)?

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

After the jump you find all the references, and at this link the first part covering 1-15 May.

(more…)

Middle East Cyber War Reloaded

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Security
Post comments:0 Comments
Reading time:2 mins read
Post published:June 27, 2012

I have just received an email from the israeli hacker dubbed you-ri-k@n providing me with some details about a peculiar…

Iran Energy Water Website Defaced By An Israeli Hacker Against The Terrorist Attack in Burgas

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Security
Post comments:0 Comments
Reading time:2 mins read
Post published:July 24, 2012

You-r!-k@n keeps on his personal battle against Iran. The latest target is the official website of Iran Energy Water (tw.org.ir),…

Winds Of Cyber War From The Middle East

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Security
Post comments:3 Comments
Reading time:2 mins read
Post published:August 8, 2012

Approximately a couple of weeks ago, an Israeli hacker called You-r!-k@n, one of the early contenders of the Middle East…

16 – 31 August 2012 Cyber Attacks Timeline

Post author:Paolo Passeri
Post last modified:May 24, 2015
Post category:Cyber Attacks Timelines Security
Post comments:0 Comments
Reading time:7 mins read
Post published:September 5, 2012

Here the first part with the timeline from 1 to 15 August 2012.

Here we are with the second part of the August 2012 Cyber Attacks Timeline. A second part of the month that has been characterized by hacktivism, most of all because of the so-called OperationFreeAssange, which has targeted many high-profile websites.

Among the targets of the month, Philips has been particularly “unlucky”. The Dutch giant has been the victim of three Cyber Attacks, even if there are several doubts about the authenticity of the hacks.

But maybe the biggest operation of the month is the #ProjectHellFire, carried on by the collective @TeamGhostShell, that has unleashed something as 1 million of accounts belonging to different sectors (banks, government agencies, consulting firms, law enforcement and the CIA). And the group promises new action for this Fall and Winter.

The Middle East confirms to be very hot, with a new Cyber Attack, probably another occurrence of Shamoon, targeting RasGas, yet another Oil Company.

Just one note: of course it is impossible to track all the targets of the #OpFreeAssange. You can find a complete list at cyberwarnews.info.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

(more…)