Third-Party Service Providers Scrutinized After SEA's Reuters Hack

[InfoSec News <alerts () infosecnews org>]

http://www.eweek.com/security/third-party-service-providers-scrutinized-after-seas-reuters-hack.html

By Robert Lemos
eWEEK.com
2014-06-25

One content provider's lapse in spotting the odd behavior of privileged 
users allowed the Syrian Electronic Army cyber-propaganda group to deface 
Reuters.com.

As popular cyber-attack targets continue to make progress in locking down 
access to their networks and data, attackers searching for other ways to 
compromise their targets have increasingly focused on another weak 
point—third-party suppliers and contractors.

On June 23, hackers from the propaganda group known as the Syrian 
Electronic Army redirected visitors to some Reuters articles to a 
defacement page that berated the news organizations for "fake reports and 
false articles about Syria." The attackers did not breach Reuters network, 
however, but modified a content widget provided by Taboola, which normally 
allows media sites to monetize their page views.

The SEA fooled one company employee, which the firm refers to as a "user," 
into giving up their password and then used the access to Taboola's 
Backstage platform to change the header in the Reuters widget, the company 
said in an analysis of the attack.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/