Syrian Electronic Army Hacks White House Media Team
Three White House social media staffers had their personal Gmail accounts compromised by members of the Syrian Electronic Army (SEA).
The accounts were compromised via a phishing attack that used emails disguised as legitimate communications from the BBC and CNN, reported Nextgov. Instead, the emails included links to fake -- but real-looking -- Google and Twitter pages, which requested that the recipients enter their log-in details. The attackers then used the stolen credentials to launch phishing attacks on other White House staffers, as recently as Sunday night.
According to one security expert, finding the names and contact details for staffers in charge of social media operations at the White House would have been a relatively simple endeavor. "I imagine that the names and email addresses of people at the White House in digital media or anything related to media are easy to find since their job involves public access," Jeffrey Carr, a cyberwarfare specialist at consultancy Taia Global, told Nextgov. "A list of targets would be created from open sources and that's who the phishing email would be delivered to."