Intrepid Hackers Use Chinese Takeout Menu to Access a Major Oil Company
With big companies taking every precaution against malware they can possibly think of, it's getting increasingly difficult for hackers to wedge their way in. So instead of going after the highly secure company employee accounts themselves, hackers are going after what those employees hold most dear—Chinese takeout.
According to a recent New York Times article, when hackers found themselves unable to breach a major oil company's computer network, they found an odd little way of circumventing the problem:
Unable to breach the computer network at a big oil company, hackers infected with malware the online menu of a Chinese restaurant that was popular with employees. When the workers browsed the menu, they inadvertently downloaded code that gave the attackers a foothold in the business's vast computer network.
Attacks like this (known as watering hole attacks) aren't that rare, either. This is more or less the same thing that happened to Target back in December—or rather,happened to Target's HVAC guy. Printers, thermostats, videoconferencing equipment, all of it has been used to access an otherwise rock solid security system. Still, a Chinese takeout menu feels like a violation on an entirely different level. Is nothing sacred? [New York Times]