Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43438
  • Total Topics: 16532
  • Online today: 3056
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 3
Guests: 2972
Total: 2975









Author Topic: Major News Outlets Attacked in Apparent Coordinated Campaign  (Read 2083 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
Major News Outlets Attacked in Apparent Coordinated Campaign

This time it’s not about some Twitter account being hacked but serious business: It was major news when on January 30 The New York Times revealed that it had been hacked, with users passwords and various email accounts compromised. Today the Wall Street Journal stepped forward and announced that its computer systems had been infiltrated. The Journal claims “The U.S. Federal Bureau of Investigation has been probing these media incidents for more than a year.” Quite clearly there is a pattern here.

Although it may be easy to jump to (wrong) conclusions, especially regarding attribution of these attacks, a number of disturbing facts remain:

• Many actors have an interest in knowing what stories will be published in advance, ranging from stock brokers to nation states

• Revealing reporters’ sources by way of hacking into their accounts may have dire consequences for the sources, including torture and death. Most countries have laws protecting them for this very reason, but hacking circumvents all protection.

• News outlets are rather small companies with limited budgets and limited resources for protecting their networks against determined attackers

• News organizations are extremely vulnerable to attacks in which malicious code is supplied to employees by way of email attachments or links in email. Reporters use email and online sources all the time. It’s part of their daily business.

What can news and other organizations do to protect themselves?

By now it should be clear that relying only on endpoint security in a standard configuration is not enough to stop determined attackers with enough resources and skills. We need additional controls and monitoring to defend against them. Remember, they can try a thousand times and need to be successful only once. In defense we need to be successful every time. Watching who accesses data and from where, monitoring network traffic, and being suspicious about unusual activities (who exactly in your network is supposed to upload gigabytes of data to somewhere on the Internet?) are key to detecting and blocking such attacks. A security information and event management (SIEM) solution can be helpful there, especially if your human resources for monitoring are limited.

How many publications outside the United States have been victims of similar attacks? It’s very likely publications around the globe are being attacked or “pwned” as I’m writing this. You may want to check for anything unusual and protect against attacks that could hit you as well.


Orginal article: Thursday, January 31, 2013 at 6:04pm by Toralv Dirro
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023