Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
Network Security
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Add Guardian to Hacked List; Twitter Sends Security Memo
Add Guardian to Hacked List; Twitter Sends Security Memo

By Jennifer LeClaire
April 30, 2013 3:55PM

Bookmark and Share
"Change your Twitter account passwords," a Twitter security memo to news organizations urges. "Never send passwords via e-mail, even internally. Ensure that passwords are strong -- at least 20 characters long. Use either randomly-generated passwords (like 'LauH6maicaza1Neez3zi') or a random string of words (like 'hewn cloths titles yachts refine')."
 

Related Topics

Twitter
Security
Phishing
News


The Guardian, a newspaper that serves the United Kingdom, is reporting a story about itself: Cyberattackers have targeted its Twitter account. The paper points to Syrian hackers whose motive is to cause disruption and spread support for Syrian President Bashar al-Assad's regime.

The Syrian Electronic Army has admitted to the hack on the Guardian. It's not the first time the group has targeted the press: Other recent victims have included the BBC, National Public Radio and France 24 TV. The group has also attacked the Associated Press' Twitter account and tweeted phony news of an explosion at the White House. That attack actually caused the Dow Jones to dip.

According to the Guardian, nine bogus tweets were broadcast in a matter of 60 minutes through its Twitter account. Some of the messages offered anti-Israeli sentiments. Others said, "Long Live Syria." Still others just boasted, "Syrian Electronic Army Was Here" and "Follow the Syrian Electronic Army....Follow the truth!"

Blame It on Phishing

Hacks of high-profile news organizations' Twitter accounts have become so common that the micro-blogging site has sent a memo to them that warns it expects still more, and outlines several steps the organizations should take to deter the hacks.

"These incidents appear to be spear phishing attacks that target your corporate e-mail," the memo says. It lists several steps that should be taken immediately, along with others for the longer term.

"Change your Twitter account passwords," is one of the immediate steps the memo urges. "Never send passwords via e-mail, even internally. Ensure that passwords are strong -- at least 20 characters long. Use either randomly-generated passwords (like 'LauH6maicaza1Neez3zi') or a random string of words (like 'hewn cloths titles yachts refine')."

Among the longer-term changes Twitter urges for news organizations is to dedicate a single computer solely for posting tweets.

"Don't use this computer to read e-mail or surf the Web, to reduce the chances of malware infection," the memo says.

Twitter is working on beefing up its own security with a two-step authentication system for logging in, but has not yet implemented the system.

News Organizations Vulnerable

Graham Cluley, a senior security analyst at Sophos, said that because of the nature of news organizations, they are particularly vulnerable to phishing e-mails.

Attackers could send a convincing looking e-mail to a news agency, for instance, claiming to be a link to a breaking news story on Twitter. The recipients might be fooled into clicking on it and entering their Twitter account details.

"With many media organizations allowing a wide range of staff to update their official Twitter accounts, it only requires one worker to be fooled by an attack for the account password to fall into the wrong hands," Cluley wrote in the Sophos company blog.

Why Was Guardian Targeted?

Four million people in Syria are in need of humanitarian assistance, over 2 million people are internally displaced, and nearly 1 million people have fled to neighboring countries, according to the White House.

Over the course of 2012, the White House estimates, Syrian refugee numbers increased nearly thirty-fold, from some 20,000 to 600,000. The majority have fled to Jordan, Turkey, Lebanon, Iraq and Egypt.

"Guardian journalists have reported from inside Syria over the last two years, highlighting the terrible toll the civil war has had on the country's people, and atrocities blamed on the regime as it attempts to quell a rebellion," the Guardian reported. "It also published a number of leaked e-mails from the Assads and their inner circle."
 

Tell Us What You Think
Comment:

Name:



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Network Security
1.   Banks Hit by Android-Skirting Malware
2.   New Technology Defeats Privacy Efforts
3.   Juniper DDoS for High-IQ Networks
4.   Big DDoS Attacks Hit Record in 2014
5.   Can Google Stop Zero Day Flaws?


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
Banks Hit by Android-Skirting Malware
34 institutions, four European countries
Average Rating:
New Technology Defeats Privacy Efforts
Study identifies 3 browser techniques.
Average Rating:


advertisement


 Random Bytes
Chinese Hackers Hit U.S. Officials Can Google Stop Zero Day Flaws?
New Technology Defeats Privacy Efforts Banks Hit by Android-Skirting Malware
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 
New Web Tracking Technologies Defeat Privacy Protections
Recently developed Web tracking tools are able to circumvent even the best privacy defenses, according to a new study by researchers at Princeton and the University of Leuven in Belgium.
 
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 

Enterprise Hardware Spotlight
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 
Another Day, Another Internet of Things Consortium Is Born
In the emerging Internet of Things, zillions of devices will be talking to each other. Samsung, Intel and Dell just formed a consortium to ensure each thing can understand what others are saying.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.