In the movies, hackers often type away at a keyboard and somehow -- movie magic, perhaps -- manage to crack a network's security and access encrypted files and protected data. In real life, bypassing security measures can be as simple as sweet-talking tech support.
That is how tech journalist Mat Honan, a former Gizmodo writer, came under attack. Someone called Apple's support staff and gained control of Honan's iCloud storage account, which compromised his associated Apple devices, and even his Gmail and Twitter accounts.
Honan could only watch as his iPhone went dead, and his iPad and MacBook contents were erased. The hacker brazenly sent racist tweets not only from Honan's personal Twitter account but also from a Gizmodo account he used when he worked there.
If all this could happen to a tech-savvy writer, how safe can the average user be?
"The most important thing to understand is that this is not a hacking attack," said Alan Webber, principal analyst for the Altimeter Group. "It is totally a social engineering problem -- 100 percent."
Mat Honan and Apple did not respond to our request for further details.
Social Networking Opens Social Engineering Window
Just as users need to be cautious about the phishing techniques used to steal personal information, they need to be aware that social networks such as Twitter and Facebook -- which allow users to share personal information about themselves -- have opened holes that hackers use to exploit their systems.
This isn't new however.
"Actually social engineering -- phishing or pretexting -- preceded technology and remains the easiest way to get through most security systems, physical or electronic," said Rob Enderle, principal analyst for the Enderle Group. "It is well past time we should have fixed this."
While it is easy to paraphrase Benjamin Franklin, who suggested that "he who sacrifices freedom for security deserves neither," we actually shouldn't confuse freedom with convenience in the digital space.
"There absolutely needs to be a balance between security and convenience," Webber told TechNewsWorld. "But convenience is overrated when it comes to backing up to protect against this type of attack."
- August 2012 (8)
- November 2011 (7)
- October 2011 (6)
- July 2011 (4)
- March 2011 (2)
- February 2011 (6)
- January 2011 (16)
- December 2010 (28)
- November 2010 (20)
- October 2010 (16)
- September 2010 (19)
- August 2010 (16)
- July 2010 (20)
- June 2010 (35)
- May 2010 (5)
- April 2010 (31)
- March 2010 (1)
- December 2009 (1)