[clug] Hack attack on University of East Anglia's Climatic Research Unit

Lana Brindley lanabrindley at gmail.com
Mon Nov 23 00:29:35 MST 2009

2009/11/23 Steve Walsh <steve at nerdvana.org.au>:
> On 11/21/2009 05:07 PM, Daniel Pittman wrote:
>> Nope.  It is pretty much impossible to know without access to the technical
>> details from the site.
>> If you are looking for a general lesson to take home, the most commonly
>> disclosed causes of attacks like this are:
>> 1. Someone uses the same username and password for their corporate or
>>    University login that they do for a low-value online site, and someone
>>    obtains those credentials.
>> 2. Someone uses a weak password, full stop.
>> 3. Someone didn't keep patches up to date, so a three-year-old vulnerability
>>    got exploited for the attacker to get in.
> or
> 4. Someone got phished with the "please update your webmail records" email,
> and they just logged in and got what they needed that way.
> Not every hack requires bad username/password policy or lack of patch plan,
> the old ways are still the best (Hi, Sylvia, it's Chris from the helpdesk.
> I'm updating records, and the details I have for your username and password
> don't match, can I get them again? Ok, so it's sysmith, yep, got that and
> the password is...? RodgerDodger78? Oh, ok, I see what happened, we had 87.
> Thanks!)

Otherwise known as the "Kevin Mitnick school of hacking and other
social engineering trickery".

There's a lot to be learned from that guy for any organisation that
thinks their information is safe.


Cheers! Lana

Whatever women do they must do twice as well as men to be thought half
as good. Luckily this is not difficult.
  - Charlotte Whitton


Please avoid sending me Word, Powerpoint or Windows Media attachments.

See http://www.gnu.org/philosophy/no-word-attachments.html for more information.

