hackmageddon stats: 4 year of cyber attacks
DESCRIPTION
A quick overview of the Cyber Attacks on Hackmageddon since the beginning of 2011 to date. The presentation has been prepared for the 'XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos' organised by ISMS Forum Spain.TRANSCRIPT
4 Years of Cyber A.acks A quick overview of the Hackmageddon Stats
#15ISMS #CyberSecurity
What is Hackmageddon? • Since March 2011 Hackmaggeddon.com collects timelines
related to the main Cyber Attacks in a bi-weekly basis. • Only sources freely available on the Internet are taken into
consideration (specialized news sites, hacking blogs, etc.). • Born to collect useful data for pre sale activity, it has grown
beyond the initial expectations, offering a useful synoptic picture of what’s going on the cyber space.
• 30,000 visits per month
Since March 2011 to date, Hackmageddon has collected: • 418 attacks (Jul-Dec 2011) • 1320 attacks (2012) • 1307 attacks (2013) • 315 attacks (Jan-Apr 2014) They can be useful to derive stats for analyzing how trends vary during the years and are influenced by global events.
Hackmageddon Stats
• The sample is heterogeneous and stats cannot obviously be exhaustive! They are useful to understand the trends = (have a look to Zone-H to see how many defacements happen each second);
• Sample of 2011 only involves 8 months • Defacements are taken into consideration only if targeting primary
domains of high-profile sites (primary companies or Governments); • Hacktivism-led attacks aim to attract the attention of media • On the other hand, targeted attacks are stealth and (too) often
discovered only after they have achieved their scope.
Caveats
Size Matters (2011) Main Breaches with ≥ 100.000 records
The total is around 322M leaked accounts
Size Matters (2012)
The total is around 180M records
Size Matters (2013)
Total is around 392M records
Size Matters (2014) ≥ 500.000 records
Total (up-to-date) is around 140 Million records
Daily Attack Trend: 2011 to 2012
Daily Attack Trend: 2012 to 2013
Daily Attack Trend: 2014 (4 Months)
Attack Trend: 2012
Attack Trend: 2013 (9 Months)
Motivations Behind Attacks
Motivations Behind Attacks: Yearly Trend
Findings § Despite the actions performed by the Law Enforcement Agencies, 2013 has
shown an increase of attacks related to hacktivism. They are diminishing in 2014.
§ In 2013 this was partly due to the political turmoil (in Greece, Turkey, Egypt and Syria), but also to new unprecedented forms of Hacktivism such as the DDoS attacks to the U.S. Banks.
§ Sophisticated cyber attacks operations are steadily gaining space on the media (5% of attacks recorded in 2013 and 2014, so far, are related to Cyber Espionage Operations).
§ Cyber Crime is raising space (outcomes of the Target breach and the wave of attacks against retailers)?
Distribution Of Attack Techniques
Findings § DDoS is the favorite weapon of hacktivists. Attacks using this technique gained
more space in the news in 2013. Now they are decreasing. § Account Hijackings had nearly a 100% increase on a yearly basis (on the wake
of the actions of the Infamous Syrian Electronic Army): Maximum result with minimum effort.
§ Targeted attacks revealed in the news jumped in 6.2% in 2013 and are around 5.4% in 2014.
§ Apparently high profile targets have become more aware of SQLi risks. § In too many cases the reason of the attacks is still unknown. Growing Trend in
2014.
Distribution Of Targets
Findings § During 2012 and 2013 attacks towards governmental and industrial institutions
ranked nearly at the same level; § In 2014 the percentage of industrial targets is nearly the 30%. § This is strictly related with the decrease of attacks motivated by hactkivism and
the corresponding increase in attacks driven by Cyber Crime.
Muchas gracias!