www.lucky-bet.site => Bet on Sports - 50% Deposit Bonus www.lucky-bet.site/casino => Online Casino - 5000$ Welcome Bonus www.lucky-bet.site/lotto247 => Lotto247 - Win Big, Live Free A quick overview of the Cyber Attacks on Hackmageddon since the beginning of 2011 to date. The presentation has been prepared for the 'XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos' organised by ISMS Forum Spain.

1. 4
Years
of
Cyber
A.acks
A
quick
overview
of
the
Hackmageddon
Stats
#15ISMS
#CyberSecurity

2. What is Hackmageddon?
• Since March 2011 Hackmaggeddon.com collects timelines
related to the main Cyber Attacks in a bi-weekly basis.
• Only sources freely available on the Internet are taken into
consideration (specialized news sites, hacking blogs, etc.).
• Born to collect useful data for pre sale activity, it has grown
beyond the initial expectations, offering a useful synoptic
picture of what’s going on the cyber space.
• 30,000 visits per month

3. Since March 2011 to date, Hackmageddon
has collected:
• 418 attacks (Jul-Dec 2011)
• 1320 attacks (2012)
• 1307 attacks (2013)
• 315 attacks (Jan-Apr 2014)
They can be useful to derive stats for
analyzing how trends vary during the years
and are influenced by global events.
Hackmageddon Stats

4. • The sample is heterogeneous and stats cannot obviously be exhaustive!
They are useful to understand the trends = (have a look to Zone-H to see
how many defacements happen each second);
• Sample of 2011 only involves 8 months
• Defacements are taken into consideration only if targeting primary
domains of high-profile sites (primary companies or Governments);
• Hacktivism-led attacks aim to attract the attention of media
• On the other hand, targeted attacks are stealth and (too) often
discovered only after they have achieved their scope.
Caveats

5. Size Matters (2011)
Main Breaches with ≥ 100.000 records
The total is around 322M leaked accounts

6. Size Matters (2012)
The total is around 180M records

7. Size Matters (2013)
Total is around 392M records

8. Size Matters (2014) ≥ 500.000 records
Total (up-to-date) is around 140 Million records

9. Daily Attack Trend: 2011 to 2012

10. Daily Attack Trend: 2012 to 2013

11. Daily Attack Trend: 2014 (4 Months)

12. Attack Trend: 2012

13. Attack Trend: 2013 (9 Months)

14. Motivations Behind Attacks

15. Motivations Behind Attacks: Yearly Trend

16. Findings
§ Despite the actions performed by the Law Enforcement Agencies, 2013 has
shown an increase of attacks related to hacktivism. They are diminishing in
2014.
§ In 2013 this was partly due to the political turmoil (in Greece, Turkey, Egypt
and Syria), but also to new unprecedented forms of Hacktivism such as the
DDoS attacks to the U.S. Banks.
§ Sophisticated cyber attacks operations are steadily gaining space on the media
(5% of attacks recorded in 2013 and 2014, so far, are related to Cyber
Espionage Operations).
§ Cyber Crime is raising space (outcomes of the Target breach and the wave of
attacks against retailers)?

17. Distribution Of Attack Techniques

18. Findings
§ DDoS is the favorite weapon of hacktivists. Attacks using this technique gained
more space in the news in 2013. Now they are decreasing.
§ Account Hijackings had nearly a 100% increase on a yearly basis (on the wake
of the actions of the Infamous Syrian Electronic Army): Maximum result with
minimum effort.
§ Targeted attacks revealed in the news jumped in 6.2% in 2013 and are around
5.4% in 2014.
§ Apparently high profile targets have become more aware of SQLi risks.
§ In too many cases the reason of the attacks is still unknown. Growing Trend in
2014.

19. Distribution Of Targets

20. Findings
§ During 2012 and 2013 attacks towards governmental and industrial institutions
ranked nearly at the same level;
§ In 2014 the percentage of industrial targets is nearly the 30%.
§ This is strictly related with the decrease of attacks motivated by hactkivism and
the corresponding increase in attacks driven by Cyber Crime.

21. Muchas
gracias!