Slashdot Mirror


Sophisticated, Targeted Breakins Uncovered

Ichabod writes "Sophisticated computer criminals stole data from Unisys, Booz Allen, L-3 Communications, Hewlett Packard, and Hughes Network Systems. It sounds like they used a combination of social hacking and undetected low-profile malware (reportedly NTOS.exe) to steal and encrypt sensitive data, and compromised Yahoo accounts to store and retrieve it. An international investigation appears imminent. And yes, unfortunately Reuters calls the criminals 'hackers,' further besmirching the once-revered title."

3 of 204 comments

  1. Interesting new avenue for social engineering... by ringfinger · Score: 2, Interesting

    Put job ads in front of disgruntled employees and ask them to create accounts to apply -- then watch as they merrily type in their favorite usernames/passwords into your cracker system. Easy as pie...

  2. more data please by scolbert · Score: 2, Interesting

    Wouldn't it be nice if we could get more data on these security breaches? The articles are so lightweight. What technique? What data? I think the more we learn about these problems, the more bulletproof we can make our systems. We are at a disadvantage in that the criminal understands the vulnerability and can exploit it over and over again.

    Sammy at IT/Personafile

  3. Re:Better writeup at WaPo by BobMcD · Score: 2, Interesting

    You'd think so, yeah, and I was going to mod you up for it, but someone here has their wires crossed...

    Reuters story: Hackers steal data, moving it in encrypted form to their own servers.

    A Department of Transportation spokeswoman said the agency couldn't find any indication of a security breach

    WaPo/Kaspersky story: Hackers sew up customer data in encryption, leaving behind a ransom note asking $300 for the key.

    Those are similar, down even to the list of companies. But I wonder, if all the DoT's data is encrypted, and there's a ransom note, how they failed to detect that?

    In seriousness, I wonder what the truth of the matter is... Did BOTH of these events occur? If so, there's likely to be some InfoSec jobs opening up real soon.