Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Lessons learned from Stratfor hack
Tuesday - 1/3/2012, 5:48pm EST
Federal News Radio
Just before the holidays, the hacker collective Anonymous is reported to have struck again — this time targeting defense intelligence organization Stratfor.
The hackers posted email addresses, credit card numbers and personal information of more the more than 800,000 people who subscribed to Stratfor's publications.
Richard Stiennon, the chief research analyst at IT Harvest and the author of the books Surviving Cyberwar and the forthcoming Cyber Defense: Countering Targeted Attacks, joined In Depth with Francis Rose with some lessons learned from the hack.
Stiennon reviewed the leaked information and wrote in a Forbes blog post that the passwords revealed "are an abject lesson in password strength."
Among the email addresses leaked were several ".gov" and ".mil" accounts, in addition to many accounts tied to major government contractors.
For example, by Stiennon's count, 12 Raytheon employees, eight IBM employees and 15 from SAIC had their accounts compromised.
Stiennon recommended complex passwords even for "throw-away" accounts and two-factor authentication for email accounts.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.