Friday, August 23, 2013

Hacktivists target Big Media

Activist hackers from the self-proclaimed Syrian Electronic Army (SEA) are going after big media outlets, recently broaching security and changing content at the Associated Press, Agence-France Press, Reuters, the BBC, NPR, Time, CNN, the New York Times, and the Washington Post (among others).
"They are going after media, because they want to propagate their message," said Jason Lancaster(, a senior analyst at HP Security Research). "When they attack media organizations, even if they are not successful, their message is, in a way, still being propagated." 
In most cases, the hackers used simple phishing techniques to gain userIDs and log-in passwords, then exploiting the limited security of social media and internal computer networks.
The breaches have demonstrated that many of the third-party widgets, plugins, and Web services used by media companies come with inherent risks. Publishers' pages are a mashup of a variety of third-party content, making the security of any displayed page reliant on the weakest link in the Web supply chain, says Chris Wysopal, chief technology officer of Veracode, an application-security firm.
"These websites pull ads and widgets from all over the place," he says. "People have no idea where all this data is coming from. I don't think a lot of people have thought about this threat model." 
 Just what we need...
Another reason not to believe everything you read...

Source -   How Hacktivists Have Targeted Major Media Outlets,  dark reading

No comments:

Post a Comment