Andy Greenberg wrote an interesting article from the standpoint of a reporter who is hacked by a foreign government. It is entertaining and non-technical enough for a person who knows next to nothing about computer security.
There is nothing new about the hack, but I'm wondering why we still haven't found a way to reduce the effectiveness of spear phishing. It certainly has been going on long enough. But, if you read both Greenberg's article and the links to the other article about it, you see how ineffective the security staff of Forbes was in preventing, or mitigating the attack. At least partly, that was due to the attack being on Vice Media first. Forbes users were then sent the attack message and "logged into" their Vice Media account to see the article referenced. Forbes has the same problem that everyone else has with interconnected sites, some of which are secure, and some not. [the original link to this article is now broken, so it might be a good idea to stay away from it ]
http://www.forbes.com/sites/andygreenberg/2014/02/20/how-the-syrian-electronic-army-hacked-us-a-detailed-timeline/
Let's give credit to Forbes for their openness about this subject. Most agencies and businesses say little and hope the audiences they serve are forgetful. Did you forget the Chinese hacked the New York Times?
The Syrians are obviously getting help in putting together this kind of attack, and since their Russian friends are so good at it, it would be a wonder if they weren't behind it. If you ever want to wonder how these politically motivated groups operate, read about these types of attacks and put together what they are looking for - sources of stories that are inside their countries, where they can get at them and destroy them. They are using the Chinese approach to controlling the press-- not just their press, but ours. Amazon books:
No comments:
Post a Comment