November 8, 2013 No Comments-
The Syrian Electronic Army claimed to have “gained access” to the Twitter and Facebook accounts of the President of the United States, Barack Obama, last week. But how did this happen to the world’s most powerful man – and does this mean that no one is safe from potential digital destruction?
The good news is that Twitter and Facebook’s security managed to avoid exploitation by the Syrian Electronic Army (SEA) – so if you use those services, don’t worry. It was actually Obama’s own website, BarackObama.com, that was compromised by the criminals.
This occurred because the President uses BarackObama.com to shorten website URLs, allowing him to post links to articles and websites without needing to use the full address. For example, the address http://www.BarackObama.com/Healthcare might become OFA.com/ad3fse.
It was this “link shortening” mechanism that the hackers took control of, redirecting any visitors to links like OFA.com/ad3fse to a website of their choosing.
This is the huge problem with link shorteners – you just can’t tell where you’re going to end up. Think of it like this – would you close your eyes and walk down an alleyway if you had no idea what was down there?
However, because using them is so popular on Twitter, where users only have a limited number of characters to express themselves, they have become widely accepted across the web. Luckily, there are some free services on the internet that will automatically check out links for you – like http://longurl.org/.
Copy and paste any short URL into that and http://longurl.org/ will tell you exactly where you would have ended up if you had clicked the link – useful if you don’t want to end up on a pro-SEA website.
Aside from reminding users not to trust short links, Obama’s hacking also had another important message for us: don’t keep vital, private information in your email accounts.
It was through an email account – one of Obama’s staff – that the link shortener was hacked. An employee of Obama’s had the usernames and passwords for BarackObama.com stored in their inbox, so when hackers gained access to their email, they instantly got all they needed to cause chaos.
Most of us don’t have our own websites, nor a team of advisors who could provide security holes, but we sometimes do silly things. Keeping passwords and other vitally important information in your email account is one of them.
Do you have any data in your inbox that could potentially cause you trouble if it got out? If so, why not delete it?
Made up of various contributors' opinions and insights - the power of the collective.
Norman Safeground Blogs Archive