'Hack' Attack on Journo Was Just a Simple Engineering Feat

In the movies, hackers often type away at a keyboard and somehow -- movie magic, perhaps -- manage to crack a network's security and access encrypted files and protected data. In real life, bypassing security measures can be as simple as sweet-talking tech support.

That is how tech journalist Mat Honan, a former Gizmodo writer, came under attack. Someone called Apple's support staff and gained control of Honan's iCloud storage account, which compromised his associated Apple devices, and even his Gmail and Twitter accounts.

Honan could only watch as his iPhone went dead, and his iPad and MacBook contents were erased. The hacker brazenly sent racist tweets not only from Honan's personal Twitter account but also from a Gizmodo account he used when he worked there.

If all this could happen to a tech-savvy writer, how safe can the average user be?

"The most important thing to understand is that this is not a hacking attack," said Alan Webber, principal analyst for the Altimeter Group. "It is totally a social engineering problem -- 100 percent."

Mat Honan and Apple did not respond to our request for further details.
Click here

Social Networking Opens Social Engineering Window

Just as users need to be cautious about the phishing techniques used to steal personal information, they need to be aware that social networks such as Twitter and Facebook -- which allow users to share personal information about themselves -- have opened holes that hackers use to exploit their systems.

This isn't new however.

"Actually social engineering -- phishing or pretexting -- preceded technology and remains the easiest way to get through most security systems, physical or electronic," said Rob Enderle, principal analyst for the Enderle Group. "It is well past time we should have fixed this."

While it is easy to paraphrase Benjamin Franklin, who suggested that "he who sacrifices freedom for security deserves neither," we actually shouldn't confuse freedom with convenience in the digital space.

"There absolutely needs to be a balance between security and convenience," Webber told TechNewsWorld. "But convenience is overrated when it comes to backing up to protect against this type of attack."