Attacks Government Network Flow 2012: Year in Review Industry @GeoWarnagiris Miscellaneous [email protected] 6/7 1/17 2/4 4/1 Last.fm Justin Beiber’s web site 403 NASA Utah Dept. of Heath warns 40M hacked 200 accts 2/26 8/3 usernames and 500K personal records users to 8/9 dumped 2/10 UN (UNEP) Mat passwds posted 4/16 change pass Utah cia.gov DB leaked Honan’s 1/15 2/3 US Gov & LE computerized taken 3/31 digital life zappos.com customer Conf call re: Anon DDoS 6/6 1.5M 7/19 signs hacked 9/21 12/4 12/21 down 2/26 PBS hacked 4/29 destroyed details accessed between FBI and eHarmony $80K in Nike 8/21 USDA Swiss National Council on Wikileaks publishes 4/12 Yahoo and 5/28 9/18 10/25 Scotland Yard leaked passwd merchandise 8/9 Moscow defaced security agency Foreign 1/12 2/8 Stratfor emails 3/30 Another AOL email Flame 8/2 US Bank Israeli National 11/23 hashes stolen via Battle.net Court web warns of large Relations AlienVault releases Westboro Baptist 3/12 GlobalPayments FBI/MI6 breached announced MLB DDoSes network Some 2/2 dumped web site bug hacked site hacked 9/4 secret data leak poisoned details of Sykipot trojan taken down BBC announce call Facebook begin 9/26 disconnects GoDaddy Susan G. Komen for 5/26 Bitfloor 11/8 variant targeting 2/14 Persian breach 50k - leaked - 2 6/5 hijacked by Telvent 10/11 from civilian DNS hijacked 12/3 the Cure hacked U. of 8/16-8/31 Bitcoin 2 EU officials ActivIdentity smart Cryptome attack 10m affected arrests 4/27 6.5M 7/8 7/19 rogue Canada Bank DDoS Dalai Lama 12/19 2/8 Nebraska 8/9 OpFree exchange 9/18 claim laptop cards infected disclosed 13M Hotmail LinkedIn 1300 Israeli Mom hacks employee accuses continue site Al Qaida 1/31 Foxconn 3/27 654K user Gauss Assange hacked Online poker hacked in 11/22 4/3 accts passwd email addrs high school Chinese 10/24 distributing webistes 6.7GB NASA DB hacked Pastebin details est. banking ~$250K player hotel in Symantec 2/14 Sophos breached hashes and to change hacking group South Mac malware DDoSed uploaded to pastebin DDoS $127M 8/2 malware 8/15 hacked and Azerbaijan releases WSJ reports Nortel has hacked 5/16 dumped 6/21 passwds sons of intrusion Carolina 11/28 1/10 EPA details Saudi $100K 10/7 11/5 Narilam 1/29 2/6 been owned for 10 Wikileaks Iran claims posted to grades 9/1 Dept. of First Security USCERT warns of hacked released Aramco stolen WoW mass Guy details 12/17 Pastebin SuperBowl years by Chinese and Pirate 5/24 “massive” Anon Arab Pastebin 9/26 avatar Revenue Insurance Westboro phishing campaign 6/4 7/17 7/26 cyber Fawkes DOS 4th time site creds leaked 3/7 3/27 4/26 Bay DDoS US State cyber website DDoS Sourceforge murder breach 3.6M bank account Baptist Church using USCERT email 4/2 ca.gov Madi Aussie attack 9/18 day many 11/21 in the month Vatican Beiber’s Taliban Dept. attack 7/5 8/7 compromised tax returns robbed targeted addresses 2/5 Al Qaeda 5/12 admin acct Persian ISP (shamoon) Mirage exploits France web Twitter web site defaces Al Alaska road Wikileaks 10/19 OpWBC Syrian Ministry of Pres site DDoS hacked DDoS Bitconica creds 6/13 side info breached 8/30 RAT details claims US 12/1 2/13 defaced Qaeda web DDoS GitHub 1/21 Affairs email server $87k stolen dumped Google and construction stealer 40GB Qatari Nat. released 9/26 11/4 attacked Mexican trade.gov.cn user 4/2 site DDoS 1/6 Several websites leaked 5/5 MS signs hacked revealed exfiled gas Spain’s NBC.com Sarkozy w/a president 12/12 Symantec 2006 name/pass leaked China’s Bank defaced protesting 3/24 US natural announce 7/3 7/3 8/1-8/20 company 9/18 National defaced Flame variant cyber source leaked 2/12 CEIEC 6/1 7/23 10/16 DDoSes cont MegaUpload takedown 3/2 Canadian 4/23 gas 5/22 0-day being Several Several Anon infected IEEE data Police 9/28 10/24 11/11 protests 1/2 Several Greek Govt sensitive US Toronto “AC/DC 7/31 S. Env. or SOPA/PIPA $71K in bitcoins New Iran oil pipeline 1.7GB from used to Chinese web Chinese web #OpAustralia (shamoon) breach DDoS Adobe 63 B&N FreeBSD.org 11/26 12/3 South African Postbank sites downed documents Police Worm” Dropbox Law stolen from Democrat industry industry US DOJ exploit sites hacked sites hacked certificate keypads unauth Nationwide 8K Tumblr robbed for $6.7m leaked Dept. reported in breached Center linode.com Party DDoS attacked attacked released Gmail and acct info and acct info compromise hacked access owned blogs attacked Iran hacked dumped dumped spammed 1/3 4/14 12/7 10/8 12/31 PGH w0rmer of 5/8 Napatec achieves 1/18 6/11 6/26 House Intel SecurityOnion makes the 3/22 CabinCr3w R.Weaver 5/24 100Gbps on Dell SOPA IPv6 support Cosmo and Mir 8/27 Committee 12.04 released WashPo 2/27 MITRE arrested successfully Mayor of W. 8/13 9/27 commodity hw blackout in Qosmos of UGNazi Sourcefire 9/10 warns on risk of 10/30 “In” list HP Security publishes defends PhD New York Argus 12/12 protests Network Intel releases Israel arrest 3 DARPA holds Lancope Intelligence “Social Radar” thesis arrested for arrested 3.0.7.1 using Huawei CERT announces 1/19 Suite FireAMP suspected “Plan X” launches the and Risk research 4/16 attacking released gear Common Sense 12/13 MegaUpload hackers workshop StealthWatch Management Austria's critical site 8/29 Guide to ITU treaty Seized Federal Labs Intelligence platform LulzSec 9/11 Center Mitigating Insider rejected in Criminal member Pirate Bay Threats Dubai Police Office 12/18 3/2 arrested and founder conference arrest 15 year NASA announces Cray launches accused of arrested for old for hacking launch of newest 12/19 new big data an extensive hacking into 259 Attacks Tracking and Data PGH named appliance breach of the FloCon 2012 companies Relay Satellite (TDRS) one of the most 3/7 Sony Pictures Dates: January 9 - 12, 2012 across the Government 9/12 for Internet entertaining 5 members of Europe. Location: Sheraton at the Capitol, Austin, Texas span of three Gartner connectivity to cities in the US Anon/Lulzsec Theme: The progression of analytics from ideas, to months 8/29 projects 8.4% Antarctica by CNN.com arrested Industry prototypes, to tools Bro 2.1 increase in IT 9/30 Keynote: Martin Roesch released security White House Miscellaneous discloses July Training: Argus, iSiLK, Network Profiling spending FloCon 2013 intrusion by Topics: $55B 2011 Dates: January 7-10, 2012 actors related to · Visualization $60B 2012 Location: Hyatt Regency, Albuquerque, NM the Chinese Govt · Data sources $86B 2016. Theme: Flow in the era of big data: logistics, · Analysis characteristics, statistics · Augmentation Keynote: Steven Bellovin · Monitoring above the enterprise Training: Argus, SiLK, Security Onion Chairpersons: Ed Stoner, Rhiannon Weaver Topics: · Visualization · Data sources · Analysis · Augmentation · Signature vs. anomaly detection · Real time vs. near real time Chairpersons: Rhiannon Weaver, George Jones, Donovan Truitt Network Flow 2012: Year in Review @GeoWarnagiris [email protected] Credit to: http://hackmageddon.com @paulsparrows.