Intelligence and security research group Stratfor was hacked Saturday, and a list of clients, personal information and credit card numbers was purloined from its servers.
Having exposed the group's customers, the hackers apparently used the card numbers to make donations to the Red Cross and other charities.
The New York Times' Nicole Perlroth writes that the attack was also likely intended to embarrass Stratfor. She ends with a curious quote from Jerry Irvine, a member of the Department of Homeland Security's cybersecurity task force:
“The scary thing is that no matter what you do, every system has some level of vulnerability,” says Jerry Irvine, a member of the National Cyber Security Task Force. “The more you do from an advanced technical standpoint, the more common things go unnoticed. Getting into a system is really not that difficult.”
Sure, if it's a web server, exposed to the public by design.
But Stratfor didn't just expose a website to the public. It also, apparently, put all this other stuff online, in the clear, for the taking.
It's true that websites are like storefronts, and that it's more or less impossible to stop determined people from blocking or defacing them now and again.
Here, however, it looks like Stratfor left private files in the window display, waiting to be grabbed by the first guy to put a brick through the glass.
Now, I'm not a member of the national IT security planning task force. But I'm pretty sure that putting unencrypted lists of credit card numbers and client details on publicly exposed servers isn't quite explained by "no matter what you do, every system has some level of vulnerability."
UPDATE: One Anon claims that the hack was not the work of Anonymous. However, the usual caveats apply: no structure, no official channels, no formal leaders or spokespersons.