Syria’s State-Sponsored Phishing Attack Nets an Onion

 

The-Onion-LogoEarlier this month, popular website and newspaper The Onion, which offers a satirical look at the news and current events, had their Twitter account hacked by a Syrian group calling themselves the Syrian Electronic Army. The account was then used to send series of anti-Israel posts and posts attacking the US and United Nations. The Onion has revealed that the hack happened courtesy of a phishing attack and that one foolish employee and some sloppy security are to blame. In a post on their website they explained in detail:

Once the attackers had access to one Onion employee’s account, they used that account to send the same email to more Onion staff at about 2:30 AM on Monday, May 6. Coming from a trusted address, many staff members clicked the link, but most refrained from entering their login credentials. Two staff members did enter their credentials, one of whom had access to all of our social media accounts.

After discovering that at least one account had been compromised, we sent a company-wide email to change email passwords immediately. The attacker used their access to a different, undiscovered compromised account to send a duplicate email which included a link to the phishing page disguised as a password-reset link. This dupe email was not sent to any member of the tech or IT teams, so it went undetected. This third and final phishing attack compromised at least 2 more accounts. One of these accounts was used to continue owning our Twitter account.

To their credit, the Onion’s IT staff readily admitted their mistakes, saying the email addresses linked to their social media accounts should have been isolated from the rest of the company’s email and that it’s obvious they need to better educate their users. Education is never enough though, because you never know when a user will get impulsive, greedy, or just plain tired and not think before clicking. Humans are well…human. That’s why it’s important to protect your network and its data with software and hardware solutions and a little common sense.

Has your company ever been hacked? If so, what happened and what did you do to keep it from happening again?

Written by Sue Walsh

0 Comments

  1. Cass · May 17, 2013

    Good for them that they reacted promptly! it also deserves respect that they admit what happened instead of disguising it by meaningless phrases. This case however is a reminder for all of us about how easy it is to become a hacking victim and how unpleasant the consequences might be.

  2. qvc uk · May 17, 2013

    I wanted to thank you for this excellent read!! I certainly enjoyed every bit of it.
    I have got you bookmarked to look at new things you post…

  3. Steve · May 23, 2013

    Haha! Now who’s becoming a laughing stock. It makes you question, what kind of IT policy does the Onion have, or are there some staff out there who seem to lose their smarts once in a while? Honestly, it feels quite odd to read something serious about the Onion. I’m so used to their satire I could no longer think of them as professionals.

  4. Sarah · May 28, 2013

    I think you’re being a little harsh, Steve, though you’ve got some good points right there. Knowing that they’re mostly online, they should have known better how to properly secure themselves. Well, we can attribute this to the human instinct to fail. We just make poor judgments sometimes. Like Cass said, though, it’s a good thing they’re able to detect the issue quickly.

  5. Adlai · May 28, 2013

    “Education is never enough though, because you never know when a user will get impulsive, greedy, or just plain tired and not think before clicking.” Whether it’s a satirical site like The Onion or a regular website, this statement is true. If people are not properly educated, attacks like this can really happen. It’s a good thing that The Onion reacted promptly so that further attacks were prevented (well, even if some damage had already been done!). At least, people were rightfully informed about what happened. This incident also signifies the importance of regularly educating employees and updating security measures.

Leave A Reply