Hackmageddon stats: 4 Year of Cyber Attacks
3 likes603,310 views
Hackmageddon has tracked cyber attacks bi-weekly since March 2011, gathering data from various online sources, with a notable increase in events over the years. Analysis shows a rise in attacks related to hacktivism in 2013 due to political unrest, while targeted cyber espionage operations and cyber crime have also gained attention. Key findings highlight an increase in account hijackings and variations in attack techniques and targets, particularly a rise in cyber crime against industrial entities in 2014.
Hackmageddon stats: 4 Year of Cyber Attacks
- 1. 4 Years of Cyber A.acks A quick overview of the Hackmageddon Stats #15ISMS #CyberSecurity
- 2. What is Hackmageddon? • Since March 2011 Hackmaggeddon.com collects timelines related to the main Cyber Attacks in a bi-weekly basis. • Only sources freely available on the Internet are taken into consideration (specialized news sites, hacking blogs, etc.). • Born to collect useful data for pre sale activity, it has grown beyond the initial expectations, offering a useful synoptic picture of what’s going on the cyber space. • 30,000 visits per month
- 3. Since March 2011 to date, Hackmageddon has collected: • 418 attacks (Jul-Dec 2011) • 1320 attacks (2012) • 1307 attacks (2013) • 315 attacks (Jan-Apr 2014) They can be useful to derive stats for analyzing how trends vary during the years and are influenced by global events. Hackmageddon Stats
- 4. • The sample is heterogeneous and stats cannot obviously be exhaustive! They are useful to understand the trends = (have a look to Zone-H to see how many defacements happen each second); • Sample of 2011 only involves 8 months • Defacements are taken into consideration only if targeting primary domains of high-profile sites (primary companies or Governments); • Hacktivism-led attacks aim to attract the attention of media • On the other hand, targeted attacks are stealth and (too) often discovered only after they have achieved their scope. Caveats
- 5. Size Matters (2011) Main Breaches with ≥ 100.000 records The total is around 322M leaked accounts
- 6. Size Matters (2012) The total is around 180M records
- 7. Size Matters (2013) Total is around 392M records
- 8. Size Matters (2014) ≥ 500.000 records Total (up-to-date) is around 140 Million records
- 9. Daily Attack Trend: 2011 to 2012
- 10. Daily Attack Trend: 2012 to 2013
- 11. Daily Attack Trend: 2014 (4 Months)
- 13. Attack Trend: 2013 (9 Months)
- 15. Motivations Behind Attacks: Yearly Trend
- 16. Findings § Despite the actions performed by the Law Enforcement Agencies, 2013 has shown an increase of attacks related to hacktivism. They are diminishing in 2014. § In 2013 this was partly due to the political turmoil (in Greece, Turkey, Egypt and Syria), but also to new unprecedented forms of Hacktivism such as the DDoS attacks to the U.S. Banks. § Sophisticated cyber attacks operations are steadily gaining space on the media (5% of attacks recorded in 2013 and 2014, so far, are related to Cyber Espionage Operations). § Cyber Crime is raising space (outcomes of the Target breach and the wave of attacks against retailers)?
- 17. Distribution Of Attack Techniques
- 18. Findings § DDoS is the favorite weapon of hacktivists. Attacks using this technique gained more space in the news in 2013. Now they are decreasing. § Account Hijackings had nearly a 100% increase on a yearly basis (on the wake of the actions of the Infamous Syrian Electronic Army): Maximum result with minimum effort. § Targeted attacks revealed in the news jumped in 6.2% in 2013 and are around 5.4% in 2014. § Apparently high profile targets have become more aware of SQLi risks. § In too many cases the reason of the attacks is still unknown. Growing Trend in 2014.
- 20. Findings § During 2012 and 2013 attacks towards governmental and industrial institutions ranked nearly at the same level; § In 2014 the percentage of industrial targets is nearly the 30%. § This is strictly related with the decrease of attacks motivated by hactkivism and the corresponding increase in attacks driven by Cyber Crime.
- 21. Muchas gracias!