Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security

When Saudi Arabia contacted security researcher Chris Kubecka to investigate an apparent intrusion into its Dutch embassy’s secured email accounts, she knew it was not going to be a simple case. Local laws in the Hague did not apply, since the embassy is considered Saudi soil. And it only got more complicated after Kubecka got to work: Once the email account was secured, the attacker — who claimed ISIS affiliation — left a trail suggesting an insider was responsible and then threatened to kill hundreds of innocent people if certain demands weren’t met. The escalations sent Kubecka, the Saudis, the Dutch and dozens of other diplomats scrambling on an international whodunnit — a hacking case that emphasized the high-stakes challenges and troublesome gray areas that come with securing diplomatic communications. The particular account that was compromised — the Saudi ambassador’s secretary’s email — was on its secure embassy system, according to Kubecka, whom the Saudi government brought in […]

The post Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security appeared first on CyberScoop.

Continue reading Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security

Paul’s Security Weekly #498 – Chris Kubecka, HypaSec

Chris Kubecka is an experienced and certified IT security expert. In addition to curating the popular Security Evangelist blog, she also serves as a member of the Executive Steering Committee with the Cyber Senate. Full Show Notes Subscribe to YouTube … Continue reading Paul’s Security Weekly #498 – Chris Kubecka, HypaSec