The Guardian, a newspaper that serves the United Kingdom, is reporting a story about itself: Cyberattackers have targeted its Twitter account. The paper points to Syrian hackers whose motive is to cause disruption and spread support for Syrian President Bashar al-Assad's regime.
The Syrian Electronic Army has admitted to the hack on the Guardian. It's not the first time the group has targeted the press: Other recent victims have included the BBC, National Public Radio and France 24 TV. The group has also attacked the Associated Press' Twitter account and tweeted phony news of an explosion at the White House. That attack actually caused the Dow Jones to dip.
According to the Guardian, nine bogus tweets were broadcast in a matter of 60 minutes through its Twitter account. Some of the messages offered anti-Israeli sentiments. Others said, "Long Live Syria." Still others just boasted, "Syrian Electronic Army Was Here" and "Follow the Syrian Electronic Army....Follow the truth!"
Blame It on Phishing
Hacks of high-profile news organizations' Twitter accounts have become so common that the micro-blogging site has sent a memo to them that warns it expects still more, and outlines several steps the organizations should take to deter the hacks.
"These incidents appear to be spear phishing attacks that target your corporate e-mail," the memo says. It lists several steps that should be taken immediately, along with others for the longer term.
"Change your Twitter account passwords," is one of the immediate steps the memo urges. "Never send passwords via e-mail, even internally. Ensure that passwords are strong -- at least 20 characters long. Use either randomly-generated passwords (like 'LauH6maicaza1Neez3zi') or a random string of words (like 'hewn cloths titles yachts refine')."
Among the longer-term changes Twitter urges for news organizations is to dedicate a single computer solely for posting tweets.
"Don't use this computer to read e-mail or surf the Web, to reduce the chances of malware
infection," the memo says.
Twitter is working on beefing up its own security with a two-step authentication system for logging in, but has not yet implemented the system.
News Organizations Vulnerable
Graham Cluley, a senior security analyst at Sophos, said that because of the nature of news organizations, they are particularly vulnerable to phishing e-mails.
Attackers could send a convincing looking e-mail to a news agency, for instance, claiming to be a link to a breaking news story on Twitter. The recipients might be fooled into clicking on it and entering their Twitter account details.
"With many media organizations allowing a wide range of staff to update their official Twitter accounts, it only requires one worker to be fooled by an attack for the account password to fall into the wrong hands," Cluley wrote in the Sophos company blog.
Why Was Guardian Targeted?
Four million people in Syria are in need of humanitarian assistance, over 2 million people are internally displaced, and nearly 1 million people have fled to neighboring countries, according to the White House.
Over the course of 2012, the White House estimates, Syrian refugee numbers increased nearly thirty-fold, from some 20,000 to 600,000. The majority have fled to Jordan, Turkey, Lebanon, Iraq and Egypt.
"Guardian journalists have reported from inside Syria over the last two years, highlighting the terrible toll the civil war has had on the country's people, and atrocities blamed on the regime as it attempts to quell a rebellion," the Guardian reported. "It also published a number of leaked e-mails from the Assads and their inner circle."