Hello,
I read on lexpress.mu [1] that the Mauritian President's Facebook
account was "piraté". The article contains several discrepancies.
The title says "Profil Facebook piraté" while the story goes like
"vidéos à caractère pornographiques circulaient sur sa page". I cannot
discern if the Facebook profile was compromised and pornographic videos
were posted by the account holder or videos were only *shared* on the
page. You do not need to compromise a Facebook account in order to share
something on a person's wall.
Note, Facebook page and Facebook profile are two different things.
If videos are shared on the profile of someone, that is NOT being
"piraté". It could be someone who is friend with the account holder, got
his/her device infected and obscene images/videos are posted on the
walls of his/her Facebook friends.
The article does not explain with enough clarity what exactly happened.
At the end of the article there is a sergeant from the Cyber Crime Unit
that advises:
"Demandez l’adresse et le numéro de contact à la personne. Et pourquoi
pas, de vous envoyer une photo de son lieu de travail. Demandez-lui
également de vous rappeler."
No, seriously. Does this person from the cyber crime unit understand
social engineering?
Definition: Social engineering is a non-technical method of intrusion
hackers use that relies heavily on human interaction and often involves
tricking people into breaking normal security procedures.
To explain it in a different way, social engineering, are techniques
like chatting with someone, writing a letter, talking over the phone &
convincing the person at the other end to do something. You happen to
impersonate somebody else and get the information you require.
Let's get back to an important question, if the Facebook account of the
president did actually get compromised, then how? There are many ways
that a cyber criminal could employ to get hold of an account. One of the
mechanism would be to infect a machine that the person uses.
Is the computer that the president use, infected?
A few months ago, the General Manager of the Mauritius Post and
Cooperative Bank gave a statement to the press that his email account
was compromised [2].
Do these give us an indication about IT Security issues in Mauritius?
[1]
http://www.lexpress.mu/article/264556/profil-facebook-pirate-gurib-fakim-portera-plainte-cybercrime-unit
[2]
http://www.defimedia.info/live-news/item/66786-pavaday-thondrayen-limoge-de-la-mpcb.html
Regards,
--
Ish Sookun
- Geek by birth, Linux by choice.
- I blog at HACKLOG.in.
https://twitter.com/IshSookun ^^ Do you tweet?
Received on Thu Jun 25 2015 - 16:23:01 PST