Ira Winkler: My run-in with the Syrian Electronic Army
The hacker group dedicated to supporting Syria's dictator wasted an attack vector on trying to embarrass the writer. Will the SEA's handlers in the Syrian intelligence services approve of such immaturity?
Computerworld - The Syrian Electronic Army may have jumped the shark.
Last month, the SEA, a hacker group whose stated purpose is to support the Syrian government of Bashir al-Assad, hacked the RSA Conference website. The hack was done to express its dislike for me, which stems from a presentation that I gave at the 2014 RSA Conference that detailed the SEA's tactics, named names and disclosed methods to prevent its attacks.
I'll get to the findings of those investigations, but first let me tell you how I became aware of the situation.
On the evening of Saturday, April 26, a tweet was directed at me from the SEA indicating that there was a message awaiting me at the RSA Conference site. I know better than to trust any links that come from the SEA, so I opened up a browser and typed in the RSA Conference URL. The normal site came up; no message for me from the SEA was visible.
The SEA tweeted more messages, but I ignored them. But when a friend told me the SEA wasn't playing a practical joke, I took out my safe computer and followed the tweeted link. Now I could see a graphic with a taunt from the SEA. My thought was that the RSA Conference might have been momentarily hacked and that this was a screen capture.
Around this time, someone on Facebook told me he had seen the taunting image. I didn't give that too much thought. The SEA's dirty work was out there on the RSA Conference site, and people inevitably were going to see it. But later I learned that this friend didn't see the image on the RSA Conference website. It was on another website entirely. If I had noticed that fact at that time, I would have found it very interesting. But as it was, I dismissed this bit of news as more of the same.
More by Ira Winkler
- Ira Winkler: My run-in with the Syrian Electronic Army
- A simple cure for the cybersecurity skills shortage
- Ira Winkler: 6 failures that led to Target hack
- Ira Winkler: The RSA Conference boycott is nonsense
- Electronic privacy? There's no such thing
- Guys, stop creeping out women at tech events
- Ira Winkler: Stupid users, or stupid infosec?
- We're missing out on the value of security awareness
- Are your security professionals qualified?
- Ira Winkler: Press falls short in reporting on chip hack
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Live Webcast 5 Steps to Assuring Quality of Experience In order to align monitoring and management practices with the true demands of the business, IT professionals must expand beyond traditional comfort zones...
- Live Webcast Master the Changing SAP Landscape with Performance Management SAP landscapes are not getting simpler. Gradually, business processes that used to be contained on a single SAP system now involve a range...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts