
SANS ISC: Hacking Harry - SANS Internet Storm Center SANS ISC InfoSec Forums


Hacking Harry

Well, it was bound to happen. The "research" chat rooms and mailing lists are all buzzing about the clever hack that somebody claims to have pulled off. We'll know for sure when the book comes out and we confirm or deny what's going on. We're not going to reveal the supposed ending for those who enjoy reading the series about the young wizard, but there are plenty of web sites that are already spoiling the fun. So if you know somebody who is a Harry Potter fan and doesn't want to be spoiled, warn them about the supposed leak.

If it's true, then the way the bandit pulled off the heist should be noted by anybody responsible for protecting "secrets", whether they are national secrets, homeland security secrets (ahem!), or intellectual property secrets. According to anonymous posts on a popular mailing list, a "usual milw0rm downloaded exploit" was delivered by targeting email to employees of the publishing company. One or more employees clicked on the link, a browser opened, and they clicked on an animated icon. The malware in the animated icon then opened up a reverse shell and it was game over. Apparently there were plenty of draft copies lying around on the company's hard drives, so downloading a personal copy was easy. I suppose if you watched The Devil Wears Prada last year you are thinking "yes, that's probably true."

Note to CIOs:  you must recognize targeted attacks as a serious threat to the protection of your organization's intellectual property.  This is no longer just a theory or academic exercise.

Marcus H. Sachs
Director, SANS Internet Storm Center
