Amnesty International UK's website was hacked courtesy a backdoor dropped on visitors systems. Most likely done by a foreign government, many speculate that it's the Chinese. Websense's blog gives a good technical overview of the attack. But what does it mean for security teams?
In some cases, hackers don’t want to steal the data from the website but rather want to infect the users who are visiting. This can lead to more access to business critical data which, for example, is often stored as files on a fileserver. In the Amnesty case, the real prize isn't Amnesty's data per se, but the corporate and individual data and files of those who visit the site.
Authors & Topics: