[ISN] Third-Party Service Providers Scrutinized After SEA’s Reuters Hack

http://www.eweek.com/security/third-party-service-providers-scrutinized-after-seas-reuters-hack.html By Robert Lemos eWEEK.com 2014-06-25 One content provider’s lapse in spotting the odd behavior of privileged users allowed the Syrian Electronic Army cyber-propaganda group to deface Reuters.com. As popular cyber-attack targets continue to make progress in locking down access to their networks and data, attackers searching for other ways to compromise their targets have increasingly focused on another weak point—third-party suppliers and contractors. On June 23, hackers from the propaganda group known as the Syrian Electronic Army redirected visitors to some Reuters articles to a defacement page that berated the news organizations for “fake reports and false articles about Syria.” The attackers did not breach Reuters network, however, but modified a content widget provided by Taboola, which normally allows media sites to monetize their page views. The SEA fooled one company employee, which the firm refers to as a “user,” into giving up their password and then used the access to Taboola’s Backstage platform to change the header in the Reuters widget, the company said in an analysis of the attack. […]