Thompson Reuters has confirmed it is the latest media organisation to have its Twitter account hacked by the Syrian Electronic Army (SEA).
Since May 2011, the hacktivist group, which is loyal to Syrian president Bashar al-Assad, has attacked several media organisations, including the BBC, Associated Press, the Financial Times and the Guardian.
More recently, the SEA hacked into systems behind the Viber mobile Wi-Fi calling and messaging app and claimed to have stolen millions of users’ details from users of video and text messaging app Tango.
The Thompson Reuters Twitter account was suspended on Monday for investigation, after it taken over by the SEA, which tweeted links to several political cartoons supporting Assad.
The SEA's continuing success suggests media firms still have a way to go in protecting themselves from phishing, which the group typically uses to trick employees into revealing Twitter account credentials.
“With so many media outlets targeted by SEA in recent months, one might assume that lessons have been learnt, but in reality, it is increasingly difficult to protect yourself against sophisticated phishing attacks, such as the ones by SEA,” said George Anderson of security firm Webroot.
“As attacks become more targeted, businesses must be more vigilant, ensuring their cyber security strategy works in real-time and therefore constantly adapts to new threats.
“The problem is that most anti-phishing security technology relies too heavily on trying to find and build blacklists of phishing sites and then using those to block the users’ when they click on the link,” he said.
Read more about hacktivism
- Hacktivists target MP's website
- Ghost Shell hacktivists publish over a million credentials
- The hacktivist threat to enterprise security
- UK hacktivist cases should spur business to action, says lawyer
- Security intelligence firm Stratfor investigates hacktivist attack
- RSA 2012: Forget about hacktivists, say security experts
- Probing Anonymous hacktivists a serious challenge for researchers
- Anti-ACTA hacktivists attack Polish government sites
- 2012 Verizon DBIR: Hacktivists make impact on data breach statistics
- Website weaknesses at fault in T-Mobile hacktivist attack
According to Anderson, this approach is not fast enough because any phishing site created to fool one specific company or individual, may only be ‘live’ for a few hours.
“The key is to create real-time threat monitoring run from the cloud. This means such attacks will be spotted quickly and addressed before they develop into major problems,” George Anderson said.
This, and other similar attacks, illustrate how information is both an asset to be protected and a weapon to be used, said Jarno Limnell, director of cyber security at Stonesoft, a McAfee Group Company.
“Media Twitter feeds are obviously far-reaching and powerful mediums and they are prime targets for groups seeking to modify public information or to release information not previously published,” he said.
According to Limnell, this latest hack by the SEA further testifies to the importance of cyber space being a part of every contemporary conflict.
“The falling financial costs of an attack have enabled the emergence of novel political actors that need to be taken seriously,” he said.