OpenDNS announced findings by its research organization into the most significant cyber attacks of 2013. Red October, Kelihos, Syrian Electronic Army DNS Hijack, Syria Internet shutdown and Cryptolocker topped the list of malicious Internet events over the past twelve months.
To capture the massive volume and scale of these incidents, OpenDNS created a short 3D video of the DNS activity generated by each of them.
Top Five Cyber Attacks of 2013:
Red October
Advanced cyber-espionage network discovered by Kaspersky Labs was responsible for targeting select enterprises. Malware was used to “phone home” to command and control servers and exfiltrate data.
Kelihos
Complex criminal infrastructure, used to deliver the malware and steal data, continues to adapt and evade reputation systems and sandboxes with double fast fluxing networks and domain generation algorithms.
Syrian Electronic Army DNS Hijack
Visitors to some of the Internet’s most popular websites were redirected to the Syrian Electronic Army’s Web server, which luckily only delivered a political message, not malware.
Syria Internet Shutdown
Internet access into and out of the country was completely cut off by withdrawing the network routes that are used to reach the Syria-based .SY domain name servers.
Cryptolocker
The most sophisticated and widespread ransomware ever seen evaded firewalls, gateways and endpoint protections for weeks using a domain generation algorithm (DGA). Infected machines “phoned home” to acquire keys used to encrypt the victim’s files.