Media Blog

Govt. Computers Hacked Thanks to Pretty Face

This is how easy it is to hack into government computers. ZDNet reports:

Government agency compromised by fake Facebook hottie

Using social media profiles and a photo of a real (and consenting) woman, two hackers fooled a government employer into believing she was an employee, conning them out of a company laptop, network credentials, and more.

They used “her” Facebook and LinkedIn connections to send out holiday cards linked to an attack site, which the government employees visited, and scammed one employee into sending her a work laptop – as well as network access credentials and more, such as SalesForce logins.

The researchers used the imaginary pretty girl’s poisoned holiday e-cards to gain administrative rights, obtain passwords, install applications and steal documents with sensitive information – some of which, according to the hackers, included information about state-sponsored attacks and country leaders.

Miss Emily Williams – run by puppetmasters security researchers Aamir Lakhani and Joseph Muniz – even convinced a security team executive to click a javascript exploit masquerading as a birthday card, thus compromising his laptop.

Lakhani told an audience at RSA Europe 2013 on Wednesday, October 30, “This guy had access to everything. He had the crown jewels in the system.”

Mr. Lakhani presented the team’s research findings at RSA Europe in a talk titled Social Media Deception, the results of his team’s sanctioned 90-day “Emily Williams” penetration test experiment on a US government agency, conducted at the end of 2012.

Lakhani declined to state which U.S. government agency was infiltrated and compromised by the fictitious Miss Williams. He told the RSA audience that his team’s pre-Snowden attack was performed on a very secure agency that specializes in offensive cybersecurity and protecting secrets, one where previously only zero-day attacks had been successful in pentests leveraged against the unnamed agency.

And what did it take to crack this “very secure agency that specializes in offensive cybersecurity?” This woman:

Feel safer yet about Healthcare.gov? The rest here.

 
