HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Network Security / Add Guardian to List of Hacked Tweets
Verisign DDOS SOLUTION:
Detection Capabilities, Mitigation Techniques & Proven Technology.
www.verisigninc.com
Add Guardian to Hacked List; Twitter Sends Security Memo
Add Guardian to Hacked List; Twitter Sends Security Memo
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
APRIL
30
2013
The Guardian, a newspaper that serves the United Kingdom, is reporting a story about itself: Cyberattackers have targeted its Twitter account. The paper points to Syrian hackers whose motive is to cause disruption and spread support for Syrian President Bashar al-Assad's regime.

The Syrian Electronic Army has admitted to the hack on the Guardian. It's not the first time the group has targeted the press: Other recent victims have included the BBC, National Public Radio and France 24 TV. The group has also attacked the Associated Press' Twitter account and tweeted phony news of an explosion at the White House. That attack actually caused the Dow Jones to dip.

According to the Guardian, nine bogus tweets were broadcast in a matter of 60 minutes through its Twitter account. Some of the messages offered anti-Israeli sentiments. Others said, "Long Live Syria." Still others just boasted, "Syrian Electronic Army Was Here" and "Follow the Syrian Electronic Army....Follow the truth!"

Blame It on Phishing

Hacks of high-profile news organizations' Twitter accounts have become so common that the micro-blogging site has sent a memo to them that warns it expects still more, and outlines several steps the organizations should take to deter the hacks.

"These incidents appear to be spear phishing attacks that target your corporate e-mail," the memo says. It lists several steps that should be taken immediately, along with others for the longer term.

"Change your Twitter account passwords," is one of the immediate steps the memo urges. "Never send passwords via e-mail, even internally. Ensure that passwords are strong -- at least 20 characters long. Use either randomly-generated passwords (like 'LauH6maicaza1Neez3zi') or a random string of words (like 'hewn cloths titles yachts refine')."

Among the longer-term changes Twitter urges for news organizations is to dedicate a single computer solely for posting tweets.

"Don't use this computer to read e-mail or surf the Web, to reduce the chances of malware infection," the memo says.

Twitter is working on beefing up its own security with a two-step authentication system for logging in, but has not yet implemented the system.

News Organizations Vulnerable

Graham Cluley, a senior security analyst at Sophos, said that because of the nature of news organizations, they are particularly vulnerable to phishing e-mails.

Attackers could send a convincing looking e-mail to a news agency, for instance, claiming to be a link to a breaking news story on Twitter. The recipients might be fooled into clicking on it and entering their Twitter account details.

"With many media organizations allowing a wide range of staff to update their official Twitter accounts, it only requires one worker to be fooled by an attack for the account password to fall into the wrong hands," Cluley wrote in the Sophos company blog.

Why Was Guardian Targeted?

Four million people in Syria are in need of humanitarian assistance, over 2 million people are internally displaced, and nearly 1 million people have fled to neighboring countries, according to the White House.

Over the course of 2012, the White House estimates, Syrian refugee numbers increased nearly thirty-fold, from some 20,000 to 600,000. The majority have fled to Jordan, Turkey, Lebanon, Iraq and Egypt.

"Guardian journalists have reported from inside Syria over the last two years, highlighting the terrible toll the civil war has had on the country's people, and atrocities blamed on the regime as it attempts to quell a rebellion," the Guardian reported. "It also published a number of leaked e-mails from the Assads and their inner circle."

Read more on: Twitter, Security, Phishing, News
Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
High Quality CRM Data: Prevent, detect and fix errors at the point of data entry for Dynamics CRM. Trillium Software helps you achieve an accurate, synchronized, single view of customers. It's time to trust your data. Take a product tour and read CRM Analyst opinions here.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
Apple is taking the iCloud hack that revealed naked selfies of celebrities seriously, adding new security tools to keep its cloud safe. But there’s still fallout from the early-September iCloud hack.
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.