If you follow tech news in the slightest, you may have read the story about how a French television network, TV5Monde, had the signals for 11 of its stations hacked and taken off air for a period of time. Hackers were, of course, to blame and French police are investigating, but it appears the source of the hack may have come from a very simple source.
Their own carelessness.
Ars Technica detailed it here, and it makes for a head bang on desk worthy read.
The essence of the story is that they filmed a video bit in their offices with a cubicle as the backdrop. On the walls of the cubicle were cue cards and post it notes, all plastered with the usernames and password for the networks various social media and network accounts.
Bang. That was their sound of their IT people banging THEIR heads against their desks.
This is the kind of thing that drives every IT Professional nuts, and it is something we have harped on over and over when we discuss security threats. We can install every piece of security software, hardware firewalls, require uber-complex passwords, force regular password changes…but we can’t defend against what you, the user does.
What this network did is the equivalent of you taking a selfie of yourself in front of your computer screen with your bank’s home page on the monitor and your account number and password on a sticky note hanging from the monitor. There are hackers who actively troll instagram, facebook, twitter and all social network feeds, looking for images that might have such accidental postings. They won’t hesitate to take advantage of it for everything from minor mischief to total identity theft.
We don’t say this to scare you from posting any of your pictures and adventures and thoughts online. That is one of the marvels of the internet, the sharing of information. However, you have to be the key part of your own online security. Be aware of what you post, the privacy settings for who can see it, the content of any quick pictures you may take on a whim, and the files you download to watch a TV show you may have missed.
We can’t say it enough. You are your own best defence against hackers and malware hijackers. If you post a selfie of yourself, forgetting that you’ve got a note on your desk with your passwords so you don’t forget…well we can’t help you much there when someone else uses that note so THEY don’t forget it.
I guarantee that French network is implementing a policy change right now along with changing every password to everything they use.