- Jan - Feb 2012 – Group Anonymous attacks various Israeli sites leaving, among others, the Israeli Stock exchange in operational duress for a moment
- March 2012 – Operation Global Blackout – Group Anonymous threatens to take out the internet by attacking the DNS infrastructure of the world
- July – Aug 2012 – Admin.HLP Trojan wreaks havoc in wild
- Aug 2012 – AT&T suffers a near day long outage originating from an attack on their DNS infrastructure
- Sept – Oct 2012 – Operation Ababil launched against US banking and financial institutions. The vast majority of US banks suffer various degrees of outages, attacks leverage new SSL tool
- Nov – Dec 2012 – OpIsrael & OpZionism launched against various Israeli interests as a result of ongoing political struggles.
So, what did we learn from this year of carnage? I think we would be fooling ourselves if we believed that the overall success of this past year’s attacks could be attributed to luck or isolated to a few obscure examples. These attacks were by-and-large effective across a multitude of technologies, geographies and industries.
The attacks seemed to have little correlation on the surface as their effectiveness seemed to be felt without regard to the size of the company, geographic operations, the security technologies these organizations had in place or the amount of people studying the problem (e.g. security professionals, risk assessment results, etc).
However, if we are honest with ourselves, not all of the attacks have been successful thus far. There have been notable security programs that have weathered the storm by-and-large intact. Although they shall remain nameless to protect them from undue future attention, these programs were indeed different from the ones that suffered outages.
The people behind these programs are really the unsung heroes of 2012. These security professionals have provided us with a stable model of defense going forward. Let’s look at what they’ve taught us.
Security blind spots
Overall, the programs that were most effective against cyber attacks have taught us that they are doing something other (failed) programs are not. In the vernacular of security professionals, the difference between an effective program and an ineffective program is called a ‘security blind spot’.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.