Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
GET RECOGNIZED.
Let an ISACA® certification
elevate your career.

Register today and save
Network Security
Tame your scariest paperwork. Find Out How
Average Rating:
Rate this article:  
Add Guardian to Hacked List; Twitter Sends Security Memo
Add Guardian to Hacked List; Twitter Sends Security Memo

By Jennifer LeClaire
April 30, 2013 3:55PM

    Bookmark and Share
"Change your Twitter account passwords," a Twitter security memo to news organizations urges. "Never send passwords via e-mail, even internally. Ensure that passwords are strong -- at least 20 characters long. Use either randomly-generated passwords (like 'LauH6maicaza1Neez3zi') or a random string of words (like 'hewn cloths titles yachts refine')."
 

Related Topics

Twitter
Security
Phishing
News



The Guardian, a newspaper that serves the United Kingdom, is reporting a story about itself: Cyberattackers have targeted its Twitter account. The paper points to Syrian hackers whose motive is to cause disruption and spread support for Syrian President Bashar al-Assad's regime.

The Syrian Electronic Army has admitted to the hack on the Guardian. It's not the first time the group has targeted the press: Other recent victims have included the BBC, National Public Radio and France 24 TV. The group has also attacked the Associated Press' Twitter account and tweeted phony news of an explosion at the White House. That attack actually caused the Dow Jones to dip.

According to the Guardian, nine bogus tweets were broadcast in a matter of 60 minutes through its Twitter account. Some of the messages offered anti-Israeli sentiments. Others said, "Long Live Syria." Still others just boasted, "Syrian Electronic Army Was Here" and "Follow the Syrian Electronic Army....Follow the truth!"

Blame It on Phishing

Hacks of high-profile news organizations' Twitter accounts have become so common that the micro-blogging site has sent a memo to them that warns it expects still more, and outlines several steps the organizations should take to deter the hacks.

"These incidents appear to be spear phishing attacks that target your corporate e-mail," the memo says. It lists several steps that should be taken immediately, along with others for the longer term.

"Change your Twitter account passwords," is one of the immediate steps the memo urges. "Never send passwords via e-mail, even internally. Ensure that passwords are strong -- at least 20 characters long. Use either randomly-generated passwords (like 'LauH6maicaza1Neez3zi') or a random string of words (like 'hewn cloths titles yachts refine')."

Among the longer-term changes Twitter urges for news organizations is to dedicate a single computer solely for posting tweets.

"Don't use this computer to read e-mail or surf the Web, to reduce the chances of malware infection," the memo says.

Twitter is working on beefing up its own security with a two-step authentication system for logging in, but has not yet implemented the system.

News Organizations Vulnerable

Graham Cluley, a senior security analyst at Sophos, said that because of the nature of news organizations, they are particularly vulnerable to phishing e-mails.

Attackers could send a convincing looking e-mail to a news agency, for instance, claiming to be a link to a breaking news story on Twitter. The recipients might be fooled into clicking on it and entering their Twitter account details.

"With many media organizations allowing a wide range of staff to update their official Twitter accounts, it only requires one worker to be fooled by an attack for the account password to fall into the wrong hands," Cluley wrote in the Sophos company blog.

Why Was Guardian Targeted?

Four million people in Syria are in need of humanitarian assistance, over 2 million people are internally displaced, and nearly 1 million people have fled to neighboring countries, according to the White House.

Over the course of 2012, the White House estimates, Syrian refugee numbers increased nearly thirty-fold, from some 20,000 to 600,000. The majority have fled to Jordan, Turkey, Lebanon, Iraq and Egypt.

"Guardian journalists have reported from inside Syria over the last two years, highlighting the terrible toll the civil war has had on the country's people, and atrocities blamed on the regime as it attempts to quell a rebellion," the Guardian reported. "It also published a number of leaked e-mails from the Assads and their inner circle."
 

Tell Us What You Think
Comment:

Name:



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Network Security
1.   Banks Hit by Android-Skirting Malware
2.   New Technology Defeats Privacy Efforts
3.   Juniper DDoS for High-IQ Networks
4.   Big DDoS Attacks Hit Record in 2014
5.   Can Google Stop Zero Day Flaws?


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
Banks Hit by Android-Skirting Malware
34 institutions, four European countries
Average Rating:
New Technology Defeats Privacy Efforts
Study identifies 3 browser techniques.
Average Rating:


advertisement


 Random Bytes
Big DDoS Attacks Hit Record in 2014 New Technology Defeats Privacy Efforts
Russian Hackers Attack CNET Google Hacker Team to Hunt Bugs
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 
New Web Tracking Technologies Defeat Privacy Protections
Recently developed Web tracking tools are able to circumvent even the best privacy defenses, according to a new study by researchers at Princeton and the University of Leuven in Belgium.
 
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.