BIRMINGHAM – After each major breach security pundits are quick to pile on the victim. The Stratfor breach by Anonymous seems to have raised more the usual amount of ire. Bloggers are criticizing the blatant lack of security controls which included unprotected servers, simple hashes for passwords, and no encryption for credit card data. Perhaps it is because so many security pundits had their own data leaked, often with easily crackable passwords.
Is Stratfor doomed? Is it going to go out of business? No, of course not. This week, Stratfor came back online after a three week absence. They have moved their hosting provider to Cloudflare, a load balanced CDN for websites. Stratfor founder George Friedman has posted a sincere apology to his clients and readers. It is well worth reading for those who may have to face a similar situation one day.
In what is turning into a PR coup Stratfor is making their content available for free. The trove of great analysis of world geo-political hotspots is serving to drown the critical Twitter posts. A search for “Stratfor” on Twitter reveals more links to their content then to articles about the breach.
Stratfor will survive this episode. I predict they will even thrive.
Meanwhile, Anonymous seems remarkably quiet on the threatened leak of over 5 million emails stolen from Stratfor. If and when they are published there will be a flurry of news stories and allegations of subterfuge. But the real value is going to be for foreign intelligence services who will mine the emails for identities, connections, and correlations.
For a glimpse into the world of cyber attacks and hacktivists, buy CyberStyletto, a new cyber crime novella that looks at the world of hacking. Richard Stiennon of IT-Harvest is the technical advisor.
a>>
