Shouldn't it be relatively easy to detect hackers attacking your email accounts?It should be. All they need do is have their reporters digitally sign their e-mails. Then if an e-mail arrives with the wrong digital signature, it can be discarded.There is even open source software for doing this.http://www.enigmail.net/home/index.php works, at least with Thunderbird.And if they do not use that, they can go down one level and usehttp://gnupg.org/It does require someone who is up to date in their IT department, but they certainly have the resources to put this into operation.After all, the users are your reporters. You know where they are. You know their usual routine for using email. Most of them probably get email with only a handful of devices and you know what they are. And you should be able to encrypt content.Encryption is a separate, but related issue. It is simply a matter of policy. The same mechanism for signing works for encryption. The method used is very secure. It is just a matter of whether it is desirable to keep the reports secret from the general public, or even high-resource black hats, such as government agencies, or not.So unusual activity from incorrect locations or unknown devices should raise alarms immediately. Why did it take so long to shut them down? Some reporters have a fixed office that probably does not change from day-to-day, and its location and IP address are known. Trouble is it is fairly easy to forge an IP address, so a sufficiently well informed black hat can pretend to be sending from the proper IP address. Another problem is that other reporters move around a lot from day-to-day or even hour-to-hour, and this reduces the likelihood that knowledge of IP address, etc., will be any use,A greater problem, and I do not know if this was the case with the attack on the New York Times, is that no forgery was involved at all, but just a (possibly) distributed denial of service attack. And digital signing, encryption, etc., will be of little or no help with that. It would take a good IT department at the NYT to manage that, and they might require outside help besides.
Best Of |
Favorites & Replies |
Start a New Board |
My Fool |
BATS data provided in real-time. NYSE, NASDAQ and NYSEMKT data delayed 15 minutes.
Real-Time prices provided by BATS. Market data provided by Interactive Data.
Company fundamental data provided by Morningstar. Earnings Estimates, Analyst Ra