Shows & Panels
- Accelerate and Streamline for Better Customer Service
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Client Virtualization Solutions
- Data Protection in a Virtual World
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Feds in the Cloud
- Health IT: A Policy Change Agent
- IT Innovation in the New Era of Government
- Making Dollars And Sense Out of Data Center Consolidation
- Navigating the Private Cloud
- One Step to the Cloud, Two Steps Toward Innovation
- Path to FDCCI Compliance
- Take Command of Your Mobility Initiative
Shows & Panels
Lessons learned from Stratfor hack
Tuesday - 1/3/2012, 5:48pm EST
Federal News Radio
Just before the holidays, the hacker collective Anonymous is reported to have struck again — this time targeting defense intelligence organization Stratfor.
The hackers posted email addresses, credit card numbers and personal information of more the more than 800,000 people who subscribed to Stratfor's publications.
Richard Stiennon, the chief research analyst at IT Harvest and the author of the books Surviving Cyberwar and the forthcoming Cyber Defense: Countering Targeted Attacks, joined In Depth with Francis Rose with some lessons learned from the hack.
Stiennon reviewed the leaked information and wrote in a Forbes blog post that the passwords revealed "are an abject lesson in password strength."
Among the email addresses leaked were several ".gov" and ".mil" accounts, in addition to many accounts tied to major government contractors.
For example, by Stiennon's count, 12 Raytheon employees, eight IBM employees and 15 from SAIC had their accounts compromised.
Stiennon recommended complex passwords even for "throw-away" accounts and two-factor authentication for email accounts.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.