BuzzFeed recently has been hacked by a group named OurMine. It looked like revenge for the fact that the news website posted a story that claimed to unmask one of the members. In reaction to the story the group posted a message saying:
“Hacked by OurMine team, don’t share fake news about us again, we have your database. Next time it will be public. Don’t fuck with OurMine again.”
-The Guardian, 2016
The group is claiming that they have the database of BuzzFeed containing emails, password hashes and usernames. And it is not the first time that the group was able to perform a high profile hack. They already hacked Facebook founder Mark Zuckenberg, Google CEO Sundar Pichai and the servers for Niantic’s Pokemon Go. This shows that the group really understands their ‘job’ (The Guardian, 2016).
Following this news from the 5th of October 2016, a day later the Cyber Security Raad, an advisory department of the Dutch government, says that the government should invest a lot more in the protection of the information security for external threats. They even suggest that companies need to invest more in cyber security, at least 10% of their IT budget. If possible, enforced by legislation (Nu.nl).
However, the fun thing is, the group called OurMine is not making use from weak spots of companies and government digital security software. No, they make use of phishing and social engineering. With the use of this methods they are able to intercept or figure out passwords (Wired, 2016).
This shows that hackers are already, although phishing is a well-known method, using different methods to hack companies and/or governments. Therefore, is it good to only focus on cyber security if groups like OurMine are already (successfully) using different kind of methods?
Luckily enough, the OurMine group says it wants to be known as “white hat” information security consultants. Their goal is to “upgrade people’s security”. After hacking YouTube video-maker Jordi van den Bussche, they even gave him some tips and trick how to improve his protection (The Guardian, 2016.
References:
http://www.nu.nl/internet/4332482/volgend-kabinet-moet-investeren-in-digitale-veiligheid.html
http://www.wired.co.uk/article/buzzfeed-hack-ourmine
https://www.theguardian.com/technology/2016/oct/05/buzzfeed-hack-ourmine-ahmad-makki-facebook-google
