When LulzSec attacks: A survivor's story

By Robert Lemos, CSO |  Security

Between LulzSec's hacking of major organizations, such as Sony and PBS, the group found time to go after the four-person startup Unveillance. On June 3, the vandals posted documents from Unveillance CEO's Karim Hijazi as well as a recording of a conference call that they managed to join.

In this interview with CSO contributor Robert Lemos, Hijazi discusses the breach and what lessons he takes from the incident.

Also see: What would Salvador Dali make of LIGATT and LulzSec?

CSO: When did you first find out what had happened?Hijazi: We sensed something impending. There was a lot more activity based on the logs. We instituted some strong security measures that were really intense, meaning whitelisting the access to the environment entirely, which means that you had to be explicitly known to get in. And that completely stifled any effort to get in to the systems. And then I guess they started working on my email environment, because that was not hosted by me, but by Google. Yet, again. They were able to solicit my work email and what they claimed to be my personal email as well. My mistake was not using two factor. The facility was available. I'll be really honest, had I used that, it may have been a different story. The problem is that ultimately, these guys were pretty adamant about trying to get in. There are a lot of accusations made here, but the reality is that they were extorting me, whether for money or for our botnet intelligence.

When did LulzSec first contact you?We sensed some strange activity prior to the 25th of May, but the official first contact, if you will, happened late in the evening on the 25th at 3 a.m., so very early morning on the 26th of May. And it was an email that came in via a Hushmail address that was fairly ominous, that had in the subject line one of my passwords. It got my attention, basically. It was a very innocuous first email, but scary enough to make me pay attention. It was, "Let us talk."

Any other signs, besides the log traffic, that something was going on?The only reason I wasn't caught off guard was because earlier that evening, I could tell that my emails were going from "unread" to "read" and back to "unread." So, I knew something was up.


Originally published on CSO |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question