January 11, 2012

Stratfor back online after cyberhack

By CASSANDRA VINOGRAD , Associated Press

Stratfor back online after cyberhack (AP)
The home page of the Stratfor website is seen on a computer monitor in London Wendesday Jan 11, 2012. Security analysis firm Stratfor has relaunched its website after hackers brought down its servers and stole thousands of credit card numbers and other personal information belonging to its clients. Stratfor acknowledged Wednesday that the company had not encrypted customer information a major embarrassment for a security company. (AP Photo/Cassandra Vinograd)

(AP) -- Global intelligence analysis firm Stratfor has relaunched its website after hackers brought down its servers and stole thousands of credit card numbers and other personal information belonging to its customers.

Chief Executive George Friedman acknowledged for the first time Wednesday that the company had not encrypted and said this decision had embarrassed the company.

Loose-knit hacking collective Anonymous, which claimed responsibility for the attack over the Christmas holidays, had said it was able to get the details in part because Stratfor didn't bother encrypting them.

"It was a truly unforgivable failure and I feel awful about it," Friedman told The Associated Press in a telephone interview. "Sometimes in rapid growth, you make a mistake. That's not an excuse, that's not a ... It's an explanation."

Stratfor had previously declined to say if the information was left unencrypted. Members of Anonymous have said it was targeting companies "that play fast and loose with their customers' private and sensitive information."

The company said Wednesday that it was moving its entire e-commerce process to a third-party system, which will eliminate the need to store credit information.

Friedman also revealed that the company was targeted more than once by and had known for some time about a .

He said he was first alerted to a website hack in early December - weeks before Anonymous took to Twitter to boast of bringing down the website and stealing a stash of numbers, emails and other data from the company.

The hackers said then that their goal was to use the stolen credit information to donate to at Christmas, and some victims confirmed unauthorized transactions were made from their credit accounts.

Austin, Texas-based Stratfor is a subscription-based publisher providing political, economic and military analysis to help customers reduce risk. It charges subscribers for its reports and analysis, delivered through the web, emails and videos.

On Tuesday, Friedman said he had met with an FBI agent in early December after being informed by the company's vice president of intelligence that customers' had been stolen.

He said he had felt torn over the need to protect and personally inform customers at the time, but that the FBI was setting the rules and wanted to conduct its investigation without tipping the hackers off.

"It was very important to them that the criminals not know the extent to which we had knowledge of the damage," Friedman explained, saying the FBI had assured him that it had informed credit card companies about compromised cards.

"We were caught between a very difficult situation where the FBI had control of the investigation and expected certain care in that investigation - and the need to protect our customers," said Friedman. "What little we could do, we did."

Still, he said he was under "no illusion" that the breach would be exposed.

"We knew our reputation would be damaged by the revelation, all the more so because we had not encrypted the credit card files," Friedman said in a note to subscribers announcing the website's relaunch.

But he told the AP that subscribers have stood by the company and subscriptions have held up in light of the attack.

"Our customers are primarily focused on the criminals," he said. "Some customers have been critical, but the primary theme isn't that 'you didn't know how to lock the door,' but 'locked or not, what are these people doing coming in?'"

While dismayed over stolen emails in the previous breach, Friedman said he was "stunned" to learn that the company's servers were "effectively destroyed" in another hack on Dec. 24.

"I was absolutely unprepared for their attempt to destroy us," Friedman said, describing how hackers took full control of the servers, overrode the systems and made recovery "just about impossible."

"Our systems were shredded," he explained. "The destruction of our servers and our backups... was clearly intended to take us offline and silence us."

Stratfor said it was continuing to cooperate with an FBI investigation into the attack.

©2012 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Citation: Stratfor back online after cyberhack (2012, January 11) retrieved 27 June 2024 from https://phys.org/news/2012-01-stratfor-online-cyberhack.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Anonymous releases more Stratfor data
0 shares

Feedback to editors

Relevant PhysicsForums posts

AI In Actual Use

7 hours ago

Help! Old PC dog has to learn new Mac tricks

Jun 26, 2024

How can you trade non integer values of Bitcoin?

Jun 23, 2024

Help with my buggy TV/Streaming Services

Jun 23, 2024

Looking for a reliable inkjet All-In-One printer for photos and docs

Jun 18, 2024

The best and most secure password manager

Jun 14, 2024

More from Computing and Technology

Load comments (2)