Inside Forbes: After a Digital Attack, a Story of Recovery and What It Means

Forbes.com came under digital attack last week. It began Thursday and continued into Friday. On Twitter, the Syrian Electronic Army, supporters of Syrian President Bashar al-Assad, claimed responsibility, just as it did with attacks on Facebook, BBC News, The Washington Post, the Associated Press and others (Kickstarter was hit by still-unidentified hackers as well). Late Friday morning, FORBES received an email with a screen grab purporting to show information captured from our publishing database. The author implied the attack would stop if “fees” were paid.

It was a difficult 48 hours. A discussion with the FBI was sobering, at times a bit scary. Most SEA attacks on media organizations involve public defacement of a Web site. This time, data was allegedly collected (that was confirmed on Sunday). A hacker, perhaps more than one, gained access to our publishing platform through spear phishing – a series of emails to our staffers that came from a news source that was previously targeted by the SEA. Unwittingly, passwords were provided that compromised the backend of our publishing system, which supports FORBES editors and reporters, 1,200 contributors and our BrandVoice partners.

We took quick action on Thursday to lock down the platform, limiting our ability to publish. We made what we thought were corrective adjustments, then reopened the system for staffers and contributors to continue their work. Hours later, it became clear the attack was continuing. Once again we locked down the platform, making additional modifications. It was reopened for the overnight hours. Friday morning brought more of the same, so we decided to shut down the normal publishing process for the holiday weekend.

via Inside Forbes: After a Digital Attack, a Story of Recovery and What It Means.

———————————————-

Journal of Law & Cyber Warfare | www.jlcw.org The Journal of Law & Cyber Warfare provides a public peer-reviewed law publication to foster open discussion and education of technology, government and legal stakeholder in relation to the complex issue of cyber warfare.  Journal of Law & Cyber Warfare accepts articles written by military, technology, judges, government officials, academic and legal practitioners.  The Journal of Law & Cyber Warfare provides a public peer-reviewed law publication to foster open discussion and education of technology, government and legal stakeholder in relation to the complex issue of cyber warfare.  Journal of Law & Cyber Warfare accepts articles written by military, technology, judges, government officials, academic and legal practitioners. The Journal of Law & Cyber Warfare is honored by the world class caliber editorial board that is involved with the Journal. Thought leaders from forensics, law, warfare, and cyber security are on the Board. The Journal is always looking for interested thought leaders who believe they can contribute in a meaningful fashion to the development of cyber warfare scholarship.