The French Connection Attack

 

The French Connection attack is a reminder of how hackers can reach just about anything. It also highlights the limits of security systems. Security company Symantec described the incident as a "sobering reminder of how powerful and widespread hacking is."

French service television network TV5Monde was attacked last week, resulting in a blackout of all its broadcasts. It was hacked by individuals claiming to belong to Islamic State, who also took control of the company's social media accounts and website.

Usually companies separate their computer networks by different zones so that attackers cannot get to critical production computers, for example those that send out television signals. But reports suggest that TV5Monde's security systems were not as strong as it could have been, leaving the company open to attack from a lower level. This type of attack is known as a social engineering hack. Attackers figured out who to email and call, what procedures the company followed for sending money and the hierarchy of who answers to whom within the organization. In this case, the attackers impersonated a company employee who had rights to wire funds and convinced him or her to perform a test transfer, said Symantec.

This is what allowed the attackers to take over the TV5Monde system and damage it. The security firm said the attackers then used a Ukrainian RAT (Remote Access Trojan program) to root around the corporation's servers, which were exposed to the internet. They also used an Israeli cellphone network to communicate with the Ukraine RAT.

The hackers then gained access to the company's back-end systems and grabbed a selection of private internal data. It included passport and identification card scans for staff members, who are believed to include the CEO, CFO and COO. The front-end servers that process payments for the company's online outlets were not breached, The Register reported.

This latest attack, using the same tactics as an April REvil attack, highlighted the weakness of some companies' security systems. It's also a reminder that the REvil gang (or gangs) has developed a standard attack strategy and is selling it to other hackers.

The 31-year-old suspect in the The french connection fact or fiction  Connection attack, who was a Syrian refugee, has been arrested in France. The discovery of his identity has sparked renewed debate in the country about migration policies. It also prompted Newt Gingrich to release an ad attacking Mitt Romney for speaking French, but the video did not mention that the US presidential candidate spent two years in Paris and Bordeaux as a Mormon missionary in the 1960s. In fact, he has a doctorate in European history.