
Stratfor Hacked: 860,000 Subscribers’ Data Compromised


A screenshot of Stratfor's site. Accessed 5 Jan 2012.

If you’re in the security community (or even if you’re not), I’m sure you’ve heard of it. If not, well I hope you enjoyed your Christmas and New Year vacations under that big rock in some unknown cave.

So, remember the 2011 back-to-back incident at SONY? Well, that was stupidity. You’d think other companies and institutions would learn from their mistake and learn to encrypt their data. Just recently, 200GB of data were stolen from Stratfor with little to no encryption. And make no mistake, the attackers have used the stolen data to conduct transactions (or donations) online. This recent event is just downright alarming.

In case you are not familiar with the intelligence community, Strategic Forecasting, Inc. (STRATFOR) is a global intelligence company based in Texas that provides analysis of national and international affairs. It was known for its secrecy, especially its confidential client list.

On the 24th of December, Stratfor fell victim to a high-profile case of cyber-theft. Stratfor took its website offline and confirmed the attack on its Facebook page.

It was reported that Operation AntiSec of Anonymous claimed responsibility for the attack. However, an Emergency Christmas Anonymous Press Release said that “Hackers claiming to be Anonymous have distorted this truth in order to further their hidden agenda, and some Anons have taken the bait.” And that, “Anonymous does not attack media sources. […] As a media source, Stratfor’s work is protected by the freedom of press, a principle which Anonymous values greatly.”

The data was released in two batches and disclosed about 75,000 names, addresses and credit card numbers associated with Stratfor customers. (You can read about them here, here and here.)

AntiSec said it targeted Stratfor in part because it had poor network security. Also in 2011, hacking group LulzSec gained attention for successfully hacking into parts of websites owned by Sony Pictures, the CIA and the U.S. Senate.

I hope you at least considered my advice on how to protect your privacy. And while identity theft is the most apparent issue raised by these attacks, it is by no means the only one. All our online interactions and transactions depend highly on trust: their trust in our identity, our trust in the company or institution, and our trust in their system to protect our data. Maintaining that trust is the foundation of the internet as we know it today.

Ronald Reagan once said, “Information is the oxygen of the modern age. It seeps through the walls topped by barbed wire, it wafts across the electrified borders.” This is the information age, and controlling and safeguarding the activity on information infrastructures must be at the top of our priorities.

The nature of these attacks underscores the need for robust security audits at institutions and corporations of all sizes. And since I can’t say this enough: this will happen again. Maybe not to Stratfor, but it will. It is not just ironic that this major security breach happened to a leading security think tank. It is inexcusable.


About princess of antiquity

Abbi Cabanding is a member of the Security Bloggers Network and has been blogging on information security since 2006. She is also a member of the Association for Computing Machinery. She studied Computer Science and Fine Arts at the University of the Philippines - Diliman.

Creative Commons

Creative Commons License
Original content in this work is licensed under a Creative Commons License.