IJISC
  • Indexed in

  • Latest News

    December 30, 2024
    Volume 13, Issue 2 of the International Journal of Information Security and Cybercrime was published
    July 1, 2024
    Volume 13, Issue 1 of the International Journal of Information Security and Cybercrime was published
    December 27, 2023
    Volume 12, Issue 2 of the International Journal of Information Security and Cybercrime was published
  • --- More News ---
  • Popular Articles

  • Analysis of Cyber Security Incidents First Quarter of 2013


    Author(s): CERT, RO
    Issue: Volume 2, Issue 1, Year 2013

    Download PDF | Views: 3,404

    In the CERT-RO was implemented a procedure for cyber security incident management and the System for early warning and real-time information on cyber security incidents – SAT is under development.

    In the present the contact point for collecting complaints / alerts and information about cyber security incidents is opera¬tional both automated and through direct communication, depending on the nature of the incident.

    On the basis of reported alerts from different entities or partners that work with CERT-RO, the situation of the victims affected by cyber incidents in the first quarter of 2013 is following:
    Classification of risk-based cyber incident:

    Risk-Clasification

    APT – Advanced Persistent Threat – targeted cyber-attacks with a high degree of complexity and potential of major risk;
    Botnet (victims) – network of infected computer systems controlled by other people / organizations than their owners;
    Botnet (CC) – computer systems used for controlling victims inside a botnet;
    Data Loss/Leakage – affecting the availability of confidential / classified data or accessing them by persons / organizations without rights;
    Distributed Denial of Service (DDOS) – affecting the availability of computer systems/ services or electronic communications;
    Malware Distribution – computer systems / services with role of vector of infection for other systems;
    Phishing – a form of cheating in online environment what consists of using techniques for handling identity of persons / organizations to obtain material benefits or confidential information;
    Resource Scanning – using of techniques for identifying services / vulnerabilities used / associated to computer systems;
    Scam – a fraudulent business scheme in the online environment;
    Spam – unsolicited electronic communications with commercial character;
    System Compromising – compromise/infection of computer services/systems;
    Unlawful Activities – illegal activities conducted in the online environment (child pornography, illegal e-commerce etc.).

    On the basis of reported alerts, from different entities or partners that work with CERT-RO, the situation of the victims affected by cyber incidents in the first quarter of 2013 is the following:

    Report of Cyber Incidents in Q1 (2013)
    BOTNET 2240
    Data Loss/Leakage 0
    DDoS attack 17
    Malware Distribution 108
    Phishing 33
    Spam 2
    System compromising 8
    Unlawful Activities 0
    Total 2416 cyber-incidents

    Attacks-Statistics

    In the first quarter of 2013, there were 2416 reported incidents that affected:

    Type of Computer Systems Affected
    Webservers 68
    Networks 4
    Total 72
    Type of Entity Affected
    Public Institution 9
    Banking Institution (online banking system) 45
    Private Organizations 6
    Individuals 7
    Total 67

    Entity-Type-Statistics

    Alerts-Types

    Conclusions

    On the basis of information held by CERT-RO, it highlights a number of conclusions regarding cyber security incidents that occur / may occur in computer systems / networks located in Romania, under the responsibility of CERT-RO, as follows:


    Additional Information

    Title: Analysis of Cyber Security Incidents First Quarter of 2013
    Author(s): CERT, RO
    Publication: International Journal of Information Security and Cybercrime
    ISSN: 2285-9225, e-ISSN: 2286-0096
    Issue: Volume 2, Issue 1, Year 2013
    Section: Cyber-Attacks Evolution and Cybercrime Trends
    Page Range: 67-70



    Copyright ©2012-2025
    The International Journal of Information Security and Cybercrime (IJISC)

    All rights reserved
    The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
    No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.