Ira Winkler: My run-in with the Syrian Electronic Army
The hacker group dedicated to supporting Syria's dictator wasted an attack vector on trying to embarrass the writer. Will the SEA's handlers in the Syrian intelligence services approve of such immaturity?
Computerworld - The Syrian Electronic Army may have jumped the shark.
Last month, the SEA, a hacker group whose stated purpose is to support the Syrian government of Bashir al-Assad, hacked the RSA Conference website. The hack was done to express its dislike for me, which stems from a presentation that I gave at the 2014 RSA Conference that detailed the SEA's tactics, named names and disclosed methods to prevent its attacks.
I'll get to the findings of those investigations, but first let me tell you how I became aware of the situation.
On the evening of Saturday, April 26, a tweet was directed at me from the SEA indicating that there was a message awaiting me at the RSA Conference site. I know better than to trust any links that come from the SEA, so I opened up a browser and typed in the RSA Conference URL. The normal site came up; no message for me from the SEA was visible.
The SEA tweeted more messages, but I ignored them. But when a friend told me the SEA wasn't playing a practical joke, I took out my safe computer and followed the tweeted link. Now I could see a graphic with a taunt from the SEA. My thought was that the RSA Conference might have been momentarily hacked and that this was a screen capture.
Around this time, someone on Facebook told me he had seen the taunting image. I didn't give that too much thought. The SEA's dirty work was out there on the RSA Conference site, and people inevitably were going to see it. But later I learned that this friend didn't see the image on the RSA Conference website. It was on another website entirely. If I had noticed that fact at that time, I would have found it very interesting. But as it was, I dismissed this bit of news as more of the same.
More by Ira Winkler
- Ira Winkler: My run-in with the Syrian Electronic Army
- A simple cure for the cybersecurity skills shortage
- Ira Winkler: 6 failures that led to Target hack
- Ira Winkler: The RSA Conference boycott is nonsense
- Electronic privacy? There's no such thing
- Guys, stop creeping out women at tech events
- Ira Winkler: Stupid users, or stupid infosec?
- We're missing out on the value of security awareness
- Are your security professionals qualified?
- Ira Winkler: Press falls short in reporting on chip hack
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- It's not too late...Get Your Mobile Questions Answered Live! How can IT provide seamless and secure mobile communications and collaboration for all? Join this live Webcast as IDG asks an expert panel... All Cybercrime and Hacking White Papers | Webcasts