Reply to post: Re: Flock of Seagulls

Iran tried to hack hundreds of politicians, journalists email accounts last month, warns Microsoft

doublelayer Silver badge

Re: Flock of Seagulls

"I find it hard to get worked up about email hacking."

Then maybe you should think a little more about what email hacking lets you do. First, it lets you target specific people and look at their communications, including those that might be private. We're talking private because they contain sensitive information, not necessarily because they reveal unethical activity. For journalists, that might be the identity of a source. For Iranians living outside Iran, it might be the name of someone inside Iran they care about. For politicians, whether they are likely to support laws the hackers don't like. For a candidate in a campaign, the strategy they're planning to use to challenge their opponent. There's a lot you can do with that kind of information.

But there's a lot more you can do with an email. You can impersonate that person quite easily. You could of course have spoofed their address without having to access their mailbox. But with that access, you don't have to do that; anyone who checks thoroughly will still think the message came from their mail system because it did. Having read the messages they send, you can better imitate their style, making your message more convincing. And you can intercept replies to your message, hide them from the actual user, and reply to them at your convenience.

Have you considered that the more strenuous attacks you mention probably have an email attack as one of their components? It is always possible that [insert group of evil people] have found a device on the internet that they can access and it lets them turn the power off. Given the security of these systems, it's likely there exist a few things of that nature. But you still have to find them, gain access without arousing suspicion, and understand how they work. Meanwhile, it might also be a little useful to gain access to the email of one of the engineers of the company and watch for technical documentation. Now you know how the system works. If you don't have access to the system yet, the credentials you just stole from the email probably help. And if the system either doesn't have an insecure thing online or you haven't found one, your access to the internal email gives you the option to get some malware in. Many targeted attacks begin in just this manner. Usually, it's by spear phishing for credentials or malware installation, but then it immediately turns to email compromise.

If you can't see that email attacks can be quite dangerous, you might need to think about it more.



Biting the hand that feeds IT © 1998–2019