Fortune 500 Companies Leaked 20GB of Sensitive Information

The following story is just a big LOL, and once again a document of how ridiculously easy it is to be a profitable cyber criminal today. Luckily for the prominent corporations that make up the famous Fortune 500 list, these guys were not hackers – they are IT security researchers.

“If in six months we were able to collect 20 gigabytes of data, imagine what a malicious attacker could gain.”

Peter Kim – Garrett Gee

All they did was buy internet domain names that were almost identical to those of the well-known global corporations – just missing a dot. It wasn’t long before emails, containing everything from trade secrets, business invoices, personal information about employees, network diagrams and passwords, started to pour in…

Security researchers Peter Kim and Garrett Gee have captured 120,000 emails intended for Fortune 500 companies by exploiting a basic typo.

“The emails included trade secrets, personal information, network diagrams and passwords, started to pour in,” the website Naked Security (by security firm Sophos) writes.

The researchers did this by buying 30 internet domains they thought people would send emails to by accident (a practice known as typosquatting).

The domain names they chose were all identical to subdomains used by Fortune 500 companies save for a missing dot.

Having purchased the domains they simply sat back and watched as users mistakenly sent them over 120,000 emails in six months.
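A defender can turn the missing-dot pattern into a check on outbound mail. The following is an added example, not code from Kim and Gee's paper or from the original post; `example.com`, the subdomain list and the recipient addresses are constructed, and the organisation's registrable domain is passed in by hand (an assumption) rather than derived from the Public Suffix List.

```python
def doppelganger_zone(fqdn, org_domain):
    """Domain that would receive mail for `fqdn` if the sender drops the dot
    in front of `org_domain` (us.example.com -> usexample.com).
    Returns None when `fqdn` is not a subdomain of `org_domain`."""
    fqdn = fqdn.lower().rstrip(".")
    org_domain = org_domain.lower().rstrip(".")
    suffix = "." + org_domain
    if not fqdn.endswith(suffix):
        return None
    # Only the label directly left of the organisation's domain fuses with it;
    # labels further left stay subdomains of the look-alike zone.
    nearest_label = fqdn[: -len(suffix)].split(".")[-1]
    return nearest_label + org_domain


def build_watchlist(subdomains, org_domain):
    """Map each look-alike zone to the legitimate host it imitates."""
    watchlist = {}
    for host in subdomains:
        zone = doppelganger_zone(host, org_domain)
        if zone:
            watchlist[zone] = host
    return watchlist


def flag_recipients(recipients, watchlist):
    """Return (address, intended_host) for mail addressed into a look-alike zone."""
    hits = []
    for addr in recipients:
        domain = addr.rsplit("@", 1)[-1].lower().rstrip(".")
        for zone, intended in watchlist.items():
            if domain == zone or domain.endswith("." + zone):
                hits.append((addr, intended))
                break
    return hits


# Constructed sample data (example.com is a reserved documentation domain).
ORG = "example.com"
SUBDOMAINS = ["us.example.com", "mail.emea.example.com", "example.com"]
OUTBOUND = ["alice@us.example.com", "bob@usexample.com",
            "carol@mail.emeaexample.com", "Dave@USEXAMPLE.COM.",
            "erin@partner.example.net"]

if __name__ == "__main__":
    watch = build_watchlist(SUBDOMAINS, ORG)
    for addr, intended in flag_recipients(OUTBOUND, watch):
        print(f"{addr}: probably meant for {intended}")
```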

Kim and Garrett have not identified their targets but have revealed that they were chosen from a list of 151 Fortune 500 companies they regarded as vulnerable to their variation of typosquatting.

However, the list is jam-packed with household names like Dell, Microsoft, Halliburton, PepsiCo and Nike.

The emails they collected included the following sensitive corporate information:

  • Passwords for an IT firm’s external Cisco routers
  • Precise details of the contents of a large oil company’s oil tankers
  • VPN details and passwords for a system managing road tollways

The researchers also warn of how easy it would have been to turn their passive typosquatting into an even more dangerous man-in-the-middle attack.

Such an attack would have allowed them to capture entire email conversations rather than just individual stray emails.

The two “White Hats” describe their method as a “passive email attack”.

And they write:

“During a six‐month span, over 120,000 individual emails (or 20 gigabytes of data) were collected which included trade secrets, business invoices, employee PII, network diagrams, usernames and passwords, etc. Essentially, a simple mistype of the destination domain could send anything that is sent over email to an unintended destination.”

“If in six months we were able to collect 20 gigabytes of data, imagine what a malicious attacker could gain.”

Well, I’m not sure that would be good for every CEO amongst the Fortune 500’s – it might be bad for their blood pressure, or something…

Because the report by Kim and Gee also indicates that they are probably not the first computer geeks to have thought of this:

“After reviewing the WHOIS information from all Fortune 500 companies, we noticed some of the largest companies were already registered to locations in China and to domains associated with malware and phishing. While it is unknown if these domains are used in a malicious fashion, it is apparent that some targeting is happening here.”

Peter Kim and Garrett Gee’s paper “Doppelganger Domains” is available to download from Wired.


Another BP CDS Blowout Today?

Reports stemming from the presidential commission investigating the Gulf of Mexico oil spill indicate that Halliburton and BP were aware of flaws in the cement used to seal the well’s bottom. Halliburton’s CDS spreads started to move Thursday – what will happen on Friday?

“The distribution of the burden, unlike hardened cement, is still fluid.”

Otis Casey



Halliburton and BP may have been aware of flaws in the cement used to seal the well’s bottom, according to an official report. CDS on Halliburton started out moderately wider on the headlines, but is currently about 38 bps wider than yesterday’s close. Anadarko and Transocean are essentially unchanged. But this can change quickly.

The market’s reaction on BP CDS will come in Friday’s London session

“Whether the report constitutes a ‘smoking gun’ or not remains to be seen, but it has that potential. Litigation risk is high even if the total amount is uncertain. The distribution of the burden, unlike hardened cement, is still fluid,” vice president Otis Casey at Markit writes in a comment.

(www.markit.com)


Back in May, it was the Transocean CDS that got the biggest kick.

(www.cma.com)

 
