If you’re after insider information, hack a newsroom. If you want to send a message, hack several.
The latter seems to be the strategy behind the Syrian Electronic Army’s (SEA) cyber-rampage against the media industry. While its last couple of hacks against The Guardian and the Associated Press made international headlines, the group has been on the assault for months leaving a number of media companies in its wake.
The BBC, France24 TV, Al-Jazeera and National Public Radio (NPR) in the US have all been on the receiving end of the SEA’s wrath. At a glance it seems as if the SEA is just targeting media companies, but there’s another commonality at play here. The hackers have made an effort to abuse the Twitter accounts of these agencies.
SEA’s tactic is further example of the myriad strategies utilised by hackers. While the Chinese hackers attacked The New York Times to pilfer its vast volumes of data, the SEA attack has the tell-tale signs of hacktivism, with a particular bend towards exploiting social media platforms.
Curiously, both attacks relied on spearphishing to gain access, but that’s where the similarities end. SEA’s single-minded pursuit of news agencies highlights that hacking into an agency Twitter account can deliver plenty of influence, certainly enough to cause Wall Street a few jitters.
The reason for this is that the news agencies still exude a modicum of credibility in this sea of information that we call the internet. Combine that with the ever increasing integration of Twitter into the daily news cycle and you have an instant recipe for making a mark.
The SEA’s attacks on the Twitter accounts of the various news rooms, where made on the premise that whatever they tweet from those accounts will be more likely to make a dent on the Twittersphere.
Now that they have their strategy down pat, the SEA is starting to experiment with tactics. They’re getting savvy with their hacking and are taking on bigger challenges with each attack. Take their last three major attacks for instance.
With their hack of the Associated Press, the SEA didn’t spruik their usual propaganda, but rather caused a mini-crash on Wall Street with misinformation.
Before they targeted The Guardian, the SEA hit FIFA and its president, Joseph "Sepp" Blatter’s Twitter accounts to see what kind of reaction they would get from a high-profile non-newsroom attack.
And then with The Guardian hack, the collective targeted 11 of the company’s accounts at the same time to further extend their reach. There’s an escalating trend here, so it’s fair to expect that they will look to up the ante again.
So, what can the media industry do to protect itself? Well, securing their social media channels might be a start.
The problem is, journalists are always going to be vulnerable to email phishing attacks, because opening and clicking emails is really just part of the job. However, the rash of Twitter related breaches does bolster the case for the introduction of stronger social media policies, not just in newsrooms but all organisations.
While social media platforms are becoming a prominent in organisations, security protocols are patently failing to keep place. There are minimal security and governance oversights and when accompanied with lax passwords, the job of the hackers is made all that simple.
At least Twitter’s not standing still. Wired claims that Twitter is taking the hacks personally and is set to implement a two-level authentication system to deter further breaches. Simply put, that means that you need to enter in more than just a password and a user name to access an account.
But before Twitter acts, we are more than likely to see another attack from the SEA. Aside from a bit of embarrassment for the newsrooms involved, the group’s propaganda agenda has so far been relatively harmless. But if the group decides to do more than just send a message, then we may be in for some real trouble.