Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security
When Saudi Arabia contacted security researcher Chris Kubecka to investigate an apparent intrusion into its Dutch embassy’s secured email accounts, she knew it was not going to be a simple case. Local laws in the Hague did not apply, since the embassy is considered Saudi soil. And it only got more complicated after Kubecka got to work: Once the email account was secured, the attacker — who claimed ISIS affiliation — left a trail suggesting an insider was responsible and then threatened to kill hundreds of innocent people if certain demands weren’t met. The escalations sent Kubecka, the Saudis, the Dutch and dozens of other diplomats scrambling on an international whodunnit — a hacking case that emphasized the high-stakes challenges and troublesome gray areas that come with securing diplomatic communications. The particular account that was compromised — the Saudi ambassador’s secretary’s email — was on its secure embassy system, according to Kubecka, whom the Saudi government brought in […]
The post Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security appeared first on CyberScoop.