The breach was reportedly a simple one, but very extensive in depth. What this means is that the entry method was not complex (like lifting the sliding glass door to get into a house), but what was taken was very valuable (the got the big screen and all the jewelry). This breach on a firm that is supposed to provide expert advice on security is a very serious one as it shows that even the people that are supposed to be the experts are vulnerable to attack.
However, despite AntiSec claiming responsibility for the hack and the breach we have noticed that most of the articles still point the finger at Anonymous directly. It is true that there are many faction and “groups” inside Anonymous, but AntiSec and Anonymous had a very public falling out well over a month ago with the core Anonymous group actually shutting the AntiSec website down for a while. We heard that some of AntiSec’s activities caused a minor “hacker’s war” which ended up with the DOS on the AntiSec site. To some this might not be a big issue, but it really does show that what is happening with Anonymous and the rash of breaches is not being reported correctly at all. Because of this the general public is getting (possibly intentionally) a very lopsided view of the situation.
Although, I do not condone the actions of Anonymous or AntiSec I do feel that it is still the responsibility of the company or corporation to secure their data against this type of threat. The problem is (as we have said before) too many companies want to cut back on IT spending (including salaries) which then leaves them open to this. After working in IT for over 20 years I have watched this happen time and time again. It truly shows a disregard for the consumer as profits take the center stage (which is exactly why the occupy movement started).
Attacks like this also bring the theory of Cloud Computing into question. After all if companies are unable to secure something like this, how can they ever hope to secure a setup like the cloud. We have asked around (in some very unusual places) and found that the idea of cloud computing services like Google Docs, and Microsoft’s Azure are very tempting targets to groups like Anonymous and AntiSec. Sure, the cloud might save you money, but as has been pointed out many times before; in IT you either pay for it now, or you pay for it later.
Discuss in our Forum
Wednesday, 28 December 2011 07:06
Stratfor Breach shows a much larger issue
Written by Sean KalinichReading time is around minutes.
When we first started following the collective that is called Anonymous we noted that there would come a time when any breach or hack would be thrown at their feet. This has now started to happen as the media (who has never really understood the situation) attempts to appear informed on the social hacking that is taking place in the world today. On December 25th the group AntiSec (a group formerly part of Anonymous) hacked into the Strategic Forecasting Website and the servers behind it.
Latest from Sean Kalinich
- ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
- Social Manipulation as a Service – When the Bots on Twitter get their Check marks
- To Release or not to Release a PoC or OST That is the Question
- There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
- NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Leave a comment
Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.