Pen Testers Break Into Gov't Agency With Fake Social Media ID 109
itwbennett writes "Security experts used fake Facebook and LinkedIn profiles to penetrate the defenses of an (unnamed) U.S. government agency with a high level of cybersecurity awareness. The attack was part of a sanctioned penetration test performed in 2012 and its results were presented Wednesday at the RSA Europe security conference in Amsterdam. The testers built a credible online identity for a fictional woman named Emily Williams and used that identity to pose as a new hire at the targeted organization. The attackers managed to launch sophisticated attacks against the agency's employees, including an IT security manager who didn't even have a social media presence. Within the first 15 hours, Emily Williams had 60 Facebook connections and 55 LinkedIn connections with employees from the targeted organization and its contractors. After 24 hours she had 3 job offers from other companies."
Pen testers? (Score:5, Funny)
What else do we expect to do? (Score:5, Funny)
And yet when I accuse people I just met at the company of being Chinese spies, I am the one who is sent to HR. There is some kind of double standard here.
Re:Security? (Score:3, Funny)
So you're to blame for everything that's wrong with me!
Re:What else do we expect to do? (Score:2, Funny)
We don't like bad beer. We just drink American beer when we're spying on you in an attempt to fit in...