In response to the Malaysia Airlines website hack, Trey Ford, Global Security Strategist at Rapid7, has provided the following comment.
“It’s been a terrible year for Malaysia Airlines and a bad month so far for travel websites. A quick review of the timeline seems to validate Malaysia Airlines’ statement that the DNS was compromised. The Airline’s security response team would be able to piece together a timeline of events rather quickly; the investigation path on something like this is fairly straightforward, albeit reliant on third party participation from the Domain Registrar, a DNS provider, or others. I have no hesitation in believing the systems managed by the airline were not impacted or undermined in the course of this event.
Free Cyber Security Training! Join the revolution today!
“While embarrassing, this redirection is little more than a nuisance from an operational perspective. This strikes me as an attack of opportunity more than a focused compromise. Due to the simple ‘defacement page,’ overt announcement of the compromise, and lack of additional malice, I believe this was more a press stunt or redirection on the part of the attackers claiming to be Lizard Squad.”
By Trey Ford, Global Security Strategist, Rapid7
About Rapid7
Rapid7’s mission is to develop simple, innovative solutions for security’s complex challenges. The company understands the attacker better than anyone and builds that insight into its security software and services. Rapid7’s IT security analytics solutions collect, contextualize, and analyze the security data users need to dramatically reduce threat exposure and detect compromise in real-time. They speed investigations so customers can halt threats and clean up systems fast. Unlike traditional vulnerability assessment or incident management, Rapid7 provides insight into the security state of your assets and users, across virtual, mobile, private and public cloud networks.
The company offers advanced capabilities for vulnerability management, penetration testing, endpoint controls assessment, and incident detection and investigation. Its attacker intelligence is informed by more than 200,000 members of the Metasploit community, the industry-leading Rapid7 Research Labs, and its experienced security services team. Rapid7 is trusted by more than 3,000 organizations across 78 countries, including more than 250 of the Fortune 1000.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.