Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
APC Free White Paper
Optimize your network investment &
Enter to win a Samsung Galaxy Note

www.apc.com
Network Security
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Add Guardian to Hacked List; Twitter Sends Security Memo
Add Guardian to Hacked List; Twitter Sends Security Memo

By Jennifer LeClaire
April 30, 2013 3:55PM

Bookmark and Share
"Change your Twitter account passwords," a Twitter security memo to news organizations urges. "Never send passwords via e-mail, even internally. Ensure that passwords are strong -- at least 20 characters long. Use either randomly-generated passwords (like 'LauH6maicaza1Neez3zi') or a random string of words (like 'hewn cloths titles yachts refine')."
 

Related Topics

Twitter
Security
Phishing
News


The Guardian, a newspaper that serves the United Kingdom, is reporting a story about itself: Cyberattackers have targeted its Twitter account. The paper points to Syrian hackers whose motive is to cause disruption and spread support for Syrian President Bashar al-Assad's regime.

The Syrian Electronic Army has admitted to the hack on the Guardian. It's not the first time the group has targeted the press: Other recent victims have included the BBC, National Public Radio and France 24 TV. The group has also attacked the Associated Press' Twitter account and tweeted phony news of an explosion at the White House. That attack actually caused the Dow Jones to dip.

According to the Guardian, nine bogus tweets were broadcast in a matter of 60 minutes through its Twitter account. Some of the messages offered anti-Israeli sentiments. Others said, "Long Live Syria." Still others just boasted, "Syrian Electronic Army Was Here" and "Follow the Syrian Electronic Army....Follow the truth!"

Blame It on Phishing

Hacks of high-profile news organizations' Twitter accounts have become so common that the micro-blogging site has sent a memo to them that warns it expects still more, and outlines several steps the organizations should take to deter the hacks.

"These incidents appear to be spear phishing attacks that target your corporate e-mail," the memo says. It lists several steps that should be taken immediately, along with others for the longer term.

"Change your Twitter account passwords," is one of the immediate steps the memo urges. "Never send passwords via e-mail, even internally. Ensure that passwords are strong -- at least 20 characters long. Use either randomly-generated passwords (like 'LauH6maicaza1Neez3zi') or a random string of words (like 'hewn cloths titles yachts refine')."

Among the longer-term changes Twitter urges for news organizations is to dedicate a single computer solely for posting tweets.

"Don't use this computer to read e-mail or surf the Web, to reduce the chances of malware infection," the memo says.

Twitter is working on beefing up its own security with a two-step authentication system for logging in, but has not yet implemented the system.

News Organizations Vulnerable

Graham Cluley, a senior security analyst at Sophos, said that because of the nature of news organizations, they are particularly vulnerable to phishing e-mails.

Attackers could send a convincing looking e-mail to a news agency, for instance, claiming to be a link to a breaking news story on Twitter. The recipients might be fooled into clicking on it and entering their Twitter account details.

"With many media organizations allowing a wide range of staff to update their official Twitter accounts, it only requires one worker to be fooled by an attack for the account password to fall into the wrong hands," Cluley wrote in the Sophos company blog.

Why Was Guardian Targeted?

Four million people in Syria are in need of humanitarian assistance, over 2 million people are internally displaced, and nearly 1 million people have fled to neighboring countries, according to the White House.

Over the course of 2012, the White House estimates, Syrian refugee numbers increased nearly thirty-fold, from some 20,000 to 600,000. The majority have fled to Jordan, Turkey, Lebanon, Iraq and Egypt.

"Guardian journalists have reported from inside Syria over the last two years, highlighting the terrible toll the civil war has had on the country's people, and atrocities blamed on the regime as it attempts to quell a rebellion," the Guardian reported. "It also published a number of leaked e-mails from the Assads and their inner circle."
 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Network Security
1.   Retailers Hacked by New Malware
2.   IBM Beefs Up Identity Intelligence
3.   USB Security Flaw Uncovered
4.   Tor Internet Privacy Service Breached
5.   Canada Says China Hacked Gov't


advertisement
IBM Beefs Up Identity Intelligence
To offer biz better security products.
Average Rating:
Tor Internet Privacy Service Breached
Users should assume they're affected.
Average Rating:
Tor Working To Fix Security Exploit
Bug reportedly reveals ID of users
Average Rating:


advertisement


 Random Bytes
New Technology Defeats Privacy Efforts Canada Says China Hacked Gov't
USB Security Flaw Uncovered Hackers Breached StubHub Accounts
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
New 'Backoff' Malware Slips Undetected into Retail Systems
'Malicious actors' are using a new variety of malware to access consumer payment data remotely through point-of-sale systems, according to a report from the Department of Homeland Security.
 
IBM Beefs Up Identity Intelligence Security Solutions
Big Blue is betting big on identity intelligence. IBM just acquired a private firm with security software to govern user access to apps and data across cloud and on-premise environments.
 
USB Security Flaw Lets Hackers Hijack PCs
Hackers can use the firmware that controls USB functions to take control of computers, say security experts. That means there may be a new class of attack for which there are no defenses.
 

Enterprise Hardware Spotlight
AMD's ARM-Based Opteron Out in $3K Dev Kit
It's dubbed "Seattle" and it's AMD's first 64-bit ARM-based Opteron processor. The low-power chip is being released as part of AMD’s Opteron A1100-series developer kit, and aimed at high-end data center needs.
 
Apple Updates MacBook Pros, Cuts Prices Up to $100
The popular MacBook Pro laptop line just got an update and a price cut of as much as $100. The MacBook Pro with Retina display now includes faster processors and double the memory.
 
Dell, BlackBerry Not Sweating Apple-IBM Alliance
IBM's recent move to partner with Apple to sell iPhones and iPads loaded with corporate applications has excited investors in both companies, but two rivals say they are unperturbed for now.
 

Mobile Technology Spotlight
Virgin Mobile Offers Custom Smartphone Plans
As the wireless carrier wars continue heating up, Virgin Mobile just threw the customization coal onto the fire. The firm has debuted a no-annual-contract plan with rates based on individual use.
 
Collaboration Provider Asana Revamps Mobile App
Asana, a collaboration software provider started by a Facebook founder, is now out with a rebuilt native iOS mobile app. It replaces one that even the company admits was not up to par.
 
FTC Wants Fix for 'Perfect Scam' of Mobile Cramming
The U.S. Federal Trade Commission has issued new guidelines to curb “mobile cramming,” a troublesome practice that adds unauthorized third-party charges to mobile phone bills.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.