Was This the Phishing E-mail That Took Down RSA?
alphadogg tips this IDG News report: "'I forward this file to you for review. Please open and view it.' As a ploy to get a hapless EMC recruiter to open up a booby-trapped Excel spreadsheet, it may not be the most sophisticated piece of work. But researchers at F-Secure believe that it was enough to break into one of the most respected computer security companies on the planet, and a first step in a complex attack that ultimately threatened the security of major U.S. defense contractors including Lockheed Martin, L-3, and Northrop Grumman. The e-mail was sent on March 3 and uploaded to VirusTotal, a free service used to scan suspicious messages, on March 19, two days after RSA went public with the news that it had been hacked in one of the worst security breaches ever."
Re:All it takes (Score:4, Interesting)
Re:Flash Embedded in Excel? (Score:5, Interesting)
Indeed, there should be a strict separation between documents (things you merely view and possibly edit) and programs (things which do something). Unfortunately that line has been crossed by about every document format, from office files (Word, Excel, ...) over HTML (JavaScript) to PDF.
There should be a set of standard document formats which are guaranteed to not contain any executable code whatsoever, so except for possibly exploiting buffer overflows in interpreting code, displaying the documents is safe. It should be impossible by specification to insert any "active content", i.e. programs, in such documents.
MS is vulnerable. Period. (Score:4, Interesting)
MS is vulnerable because it's the biggest target out there.
While it's true that few people would try to exploit a system nobody uses, MS does its share of the effort to become insecure.
In this specific case, the first breach was done by a Flash program embedded in an Excel spreadsheet. We are going waaay back to all that DDE/COM/OLE/ActiveX thing that has been opening so many backdoors in Microsoft systems for the last decades. Broken by design.
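An added example, not part of the thread: a mail-gateway style triage check for the condition discussed above, a Flash object embedded in an Office document. It looks for the Shockwave Flash ActiveX CLSID and for plausible SWF headers, and as a generalization it also walks the parts of zip-based OOXML files; the function names and the sample bytes are constructed for illustration.

```python
import io, re, struct, uuid, zipfile, zlib

# Shockwave Flash ActiveX CLSID in the mixed-endian byte order OLE stores on disk.
FLASH_CLSID = uuid.UUID("D27CDB6E-AE6D-11CF-96B8-444553540000").bytes_le
SWF_MAGIC = re.compile(rb"[FCZ]WS")  # uncompressed, zlib and LZMA SWF signatures

def _scan(blob, part):
    """Return (part, offset, finding) tuples for one byte string."""
    hits = []
    pos = blob.find(FLASH_CLSID)
    while pos != -1:
        hits.append((part, pos, "flash-activex-clsid"))
        pos = blob.find(FLASH_CLSID, pos + 1)
    for m in SWF_MAGIC.finditer(blob):
        i = m.start()
        if i + 8 > len(blob):
            continue
        version, length = struct.unpack_from("<BI", blob, i + 3)
        # Plausibility checks keep the text "FWS ..." in a cell from alerting.
        if not (1 <= version <= 50 and 21 <= length <= 1 << 28):
            continue
        if blob[i:i + 3] == b"CWS" and blob[i + 8:i + 9] != b"\x78":
            continue  # CWS body must start with a zlib header
        hits.append((part, i, "swf-%s-v%d" % (m.group().decode(), version)))
    return sorted(hits, key=lambda h: h[1])

def scan_document(data):
    """Scan a legacy .xls/.doc blob, or every part of an OOXML (zip) file."""
    if zipfile.is_zipfile(io.BytesIO(data)):
        hits = []
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            for name in z.namelist():
                hits += _scan(z.read(name), name)
        return hits
    return _scan(data, "<file>")

def constructed_sample():
    """Constructed test input: OLE magic, the CLSID, then a tiny fake CWS stream."""
    swf = b"CWS" + struct.pack("<BI", 10, 72) + zlib.compress(b"\x00" * 64)
    return (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 504
            + FLASH_CLSID + b"\x00" * 16 + swf)

if __name__ == "__main__":
    for hit in scan_document(constructed_sample()):
        print(hit)
```

This is a byte-level heuristic: it will miss objects inside encrypted or compressed OLE streams, so a hit is a reason to quarantine and a miss is not a clean bill of health.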
Re:All it takes (Score:3, Interesting)
You would love to read "The Cuckoo's Egg" by Cliff Stoll. A lengthy but very interesting read.
http://en.wikipedia.org/wiki/The_Cuckoo's_Egg_(book)
Re:All it takes (Score:5, Interesting)