IT Blogs & News - Written by IT Professionals - iuvo Technologies

Security Lessons Learned from the Syrian Electronic Army

Written by Bryon Beilman | May 13, 2014 3:11:13 PM

by Bryon D Beilman

An article written by Ira Winkler on ComputerWorld describes his adventures with members of the Syrian Electronic Army and their attempt to attack him. The SEA has published well know attacks on the New York Times, Huffington Post and as Ira describes a minor attack on an RSA Conference Server.

Securing your servers, firewalls and patching your applications are all very good ideas, but just like I described in http://www.iuvotech.com/blog/security-considerations-of-social-media/ , the easiest way to get past security is to get someone to give you their password.  This seems to be the primary method of the SEA.  It doesn't appear that they utilized esoteric buffer overflows of unpatched apache binaries.  They send phishing emails to get peoples social media and twitter accounts. They then read their emails and try to get other passwords, since very often people use similar passwords for everything.

Three tips that will help keep you safe.

  • Educate yourself about SPAM and PHISHING email.  It is too long to go here, but be careful about all email from people you don't know and be cautious about any links or attachments in an email. A brief guideline can be found here (5 ways to protect yourself from Phishing).
  • Use multi factor authentication when possible. It is generally something you have and something you know. A common example is that some banking sites ask you to put in a password  (that you have) and to identify a picture or personal information (that you know).
  • Use complex and different passwords for your different servers or services.  This is rarely done because it is too difficult to remember, but if you use the same username and password for everything, then all it takes is one breach and everything is vulnerable.  A common and easy to use tool to help you with this is password safe.  It is a tool that will provide an encrypted container for your passwords and allow you to store and use different passwords. It also allows you a secure way to copy/paste those passwords into the application.

Securing your information and your services is important and it really starts with you.