The Syrian Electronic Army: Lessons to be learned
Davey Winder probes just who is doing just what and why, and asks what enterprises can learn from it.
Kenneth Geers, Senior Global Threat Analyst with FireEye, condenses his security advice into three easy lessons that every enterprise IT security department can takeaway:
Lesson #1: Techies must follow the news! With looming Western intervention in Syria, it was only logical that the hacktivist SEA would escalate its attacks, and that a key battleground for public opinion would be US media sites. Indeed, SEA targeted US newspapers, the US Marine Corps, and even a US college sports site, redirecting internet users to pro-Syria propaganda.
Because patriotic hackers seek free PR for their cause, there is a simple calculation here: the more visitors your site has, the more they want to attack it.
Lesson #2: Protect your flank. Sometimes, hackers use a frontal assault, such as by sending the victim a blizzard of meaningless data to achieve a denial-of-service. But if the front door is guarded, hackers can also ambush a target from the side, by exploiting third-party business relationships and data dependencies.
Admirals and Generals are taught to protect their flanks, but what about System Administrators? SEA tagged Twitter, New York Times, and other sites by sabotaging their Domain Name System (DNS) records, after finding weak links in their data supply chains.
Lesson #3: Train for social engineering. The SEA has used spear phishing, malformed URLs, and booby-trapped images of osculating movie stars to compromise their targets. Civilian website owners could use a little more military discipline. The Marine Corps hack, for example, was not in the .mil domain, but a recruiting site in the .com domain. For help, try two-factor authentication, locked domains, DNSSEC, and preparations to bypass DNS altogether by replacing human-readable addresses like www.nytimes.com with a computer-friendly IP address such as 188.8.131.52.
In This Article
Security analytics for your multi-cloud deployments
IBM Security QRadar SIEM solution briefDownload now
Five reasons to move to the cloud
Join the enterprises moving their workloads to the cloudDownload now
Architecting hybrid IT and edge for digital advantage
Why business leaders should consider a hybrid IT strategyDownload now
Six reasons to accelerate remote asset monitoring with AI
How to optimise resources, increase productivity, and grow profit margins with AIDownload now