Saturday, September 15, 2018

1-15 August 2018 Cyber Attacks Timeline – HACKMAGEDDON

1-15 August 2018 Cyber Attacks Timeline – HACKMAGEDDON

1-15 August 2018 Cyber Attacks Timeline

I am trying to catch up with the delayed timelines, so I am happy to publish the first timeline of August, covering the main cyber attacks occurred in the first half of this month.

Well, it looks like the cyber criminals decided to take same days off, since the number of events collected in this fortnight is sensibly smaller than the second half of July (31 vs. 81).

And the winner is… Cosmos Bank, which had 944 million rupees ($13.5 million worth) stolen through simultaneous withdrawals across 28 countries. And if we move from fiat currency to cryptocurrency, the situation does not improve unfortunately. Well, technically the amount in Monero stolen to Livecoin is "only" equivalent to $ 1.8 million, however it might seem tiny compared to Cosmos Bank, but it's always a decent amount of money. Nothing in comparison to the $240 million lost by an investor, Michael Terpin, who sued AT&T consequently. Livecoin wasn't the only exchange targeted, even Altex Exchange suffered the loss of an undisclosed amount, probably for the same vulnerability.

Other Interesting events include the hack to Reddit (SMS-based authentication is not enough any longer), a massive attack to Instagram users, and I would also mention that ransomware has not mercy since it did not spare the computers of the Professional Golf Association.

But the least doesn't end here! My advice is to read it all and realize the fragility of our identity inside the cyber space. And id you want, you may also have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015, 2016, 2017 and now 2018 (regularly updated… Hopefully!). And do not forget the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Last but not least, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and please notice that, starting from this month, it is possible to download the raw data directly from the tools above the table. You may always ask for the raw data, but please do not forget to include a short presentation and the purpose of the project. I am not supposed to accept requests without any details.

IDDateAuthorTargetDescriptionAttackTarget ClassAttack ClassCountryLink
120/07/2018?MedSpring Urgent CareMedSpring Urgent Care notifies 13,000 patients after a phishing attack occurred on May 8.Account HijackingQ Human health and social work activitiesCCUS
230/07/2018?Altex ExchangeAltex Exchange acknowledges that a double-counting bug in Monero (XMR) cryptocurrency did result in a major undisclosed financial loss.Monero VulnerabilityV FintechCCN/A
301/08/2018?RedditReddit discloses a breach of its systems that compromised user data including some current email addresses and salted and hashed passwords from a 2007 database backup. The attacker gained access to several employee accounts via SMS intercept between June Account HijackingJ Information and communicationCCUS
401/08/2018?Companies and organizations associated with industrial productionKaspersky Lab ICS CERT identifies a new wave of phishing emails with malicious attachments targeting primarily companies and organizations associated with industrial production. The malware used in these attacks installs legitimate remote administration sMalwareY Multiple IndustriesCC>1
501/08/2018?Amnesty InternationalAmnesty International reveals to have been targeted by a campaign carried out via the surveillance malware developed by the Israel surveillance vendor, NSO Group.Targeted AttackU Activities of extraterritorial organizations and bodiesCEN/A
601/08/2018boolooprecruitmilitary.comA user called booloop a publishes a database containing over 850,000 US military officers personal information.UnknownS Other service activitiesCCUS
701/08/2018?Hong Kong's Department of HealthThree Hong Kong's Department of Health computers are hit by ransomware.MalwareO Public administration and defence, compulsory social securityCCHK
802/08/2018GorgonGovernmental organizations in the United Kingdom, Spain, Russia, and the United States.Researchers from Palo Alto Networks Unit 42 uncover Gorgon, a threat actor allegedly operating from Pakistan and targeting governmental organizations in the United Kingdom, Spain, Russia, and the United States leveraging spear phishing emails with MicrosoTargeted AttackO Public administration and defence, compulsory social securityCE>1
902/08/2018RASPITEEntities in the US, Middle East, Europe, and East AsiaResearchers from Dragos identify a new activity group targeting access operations in the electric utility sector, called RASPITE.Targeted AttackD Electricity gas steam and air conditioning supplyCE>1
1002/08/2018DarkCoder AKA @Th3FalconElbit SystemsDarkCoder AKA @Th3Falcon leaks 10,000 credentials for users and administrators from Elbit Systems.SQLiC ManufacturingCCIL
Showing 1 to 10 of 31 entries



Elyssa D. Durant 
Research & Policy Analyst
Columbia University, New York

No comments:

Post a Comment