Stratfor Relaunches Site; CEO Accuses Attackers of Censorship
Internet anonymity a security problem, George Friedman says
By Jaikumar Vijayan
January 11, 2012 — Computerworld — \\Strafor Global Intelligence CEO George Friedman on Wednesday blasted those responsible for a December attack on the global intelligence firm's website that compromised credit card information and emails belonging to thousands of subscribers.
In a YouTube video linked to the company's freshly relaunched site, Friedman accepted responsibility for Stratfor's failure to properly protect customer data while accusing the attackers of imposing a new censorship regime on the Internet.
"We are now in a world in which anonymous judges, jurors and executioners can silence whom they want," Friedman said in the video. "This is a new censorship that doesn't come openly from governments but from people hiding behind masks."
Strafor provides intelligence on global business, security and economic issues. The company has a worldwide client base, including many from within the government and military.
The company's website was breached Dec. 24 by unknown hackers who later posted the names and credit card numbers of 75,000 people who had subscribed to or paid for Stratfor's research. The hackers also posted hundreds of thousands of names and email addresses of those who had registered on Stratfor's website.
The site was taken offline after the attack and relaunched Wednesday. However, visitors to the new site were greeted with a page informing them of a service interruption -- apparently due to a high volume of interest in the site.
Hackers who said they belonged to the Anonymous hacking collective claimed responsibility for the December attack . They claimed that the real target of the attack was not credit card data but the millions of emails stored on Statfor's servers.
Others, who also claimed to be speaking on behalf of Anonymous, distanced themselves from the attack and said it was not the work of Anonymous.
According to Friedman, Strafor first learned about the attack in early December after the FBI warned the company about credit card information and customer data being stolen.
Friedman said he was prepared for the hackers to publicly disclose the breach and for the ensuing criticism that was sure to follow. "We knew our reputation would be damaged, all the more so because we had not encrypted the credit card files," he said. "This was a failure on our part. As the CEO of Stratfor, I take responsibility."
On Dec. 24, the attackers again broke into Stratfor's site and posted a note on its home page announcing the credit card and email thefts. The hackers also disclosed that they had destroyed four Stratfor servers, along with all data and backups on it, Friedman said.
Is privacy an ally of security, next of kin, or something else? These articles dig into the hows and whys of data privacy and data protection, and its relationship to enterprise security efforts.
6 ways we gave up our privacy
The effect of social networks, web 2.0 technologies, and other privacy-shaking developments
7 Firefox plugins for data privacy
Plug data-leaking holes in your web browsing
4 signs of an easy victim on social networks
Scammers and hackers of all kinds scour social sites for personal data
Potential privacy 'gotchas' in cloud computing
How to respond to a data breach notification
5 things to know about the Chief Privacy Officer
- Data Privacy and Protection in Production Environments: New Research from Ponemon Institute
- The CISO's Survival Guide to Securing Data
- FireEye Advanced Threat Protection KnowledgeVault
- Five Tips to Consider in a Data Security Strategy for Smartphones and Tablets
- Moving Your Email to the Trusted Cloud
- New PCI Tokenization Guidelines with QSA Expert
- #FFSec: Security pros to follow on Twitter, May 25
Follow these names on Twitter. Together, they make cyberspace a more secure place. (copy and paste) - Step right up and listen to the security barker
- Is the title 'security evangelist' really that bad?
More Salted Hash with Bill Brenner
