With big companies taking every precaution against malware they can possibly think of, it’s getting increasingly difficult for hackers to wedge their way in. So instead of going after the highly secure company employee accounts themselves, hackers are going after what those employees hold most dear — Chinese food.
According to a recent New York Times article, when hackers found themselves unable to breach a major oil company’s computer network, they found an odd little way of circumventing the problem:
Unable to breach the computer network at a big oil company, hackers infected with malware the online menu of a Chinese restaurant that was popular with employees. When the workers browsed the menu, they inadvertently downloaded code that gave the attackers a foothold in the business’s vast computer network.
Attacks like this (known as watering hole attacks) aren’t that rare either. This is more or less the same thing that happened to Target in the US back in December — or rather happened to Target’s HVAC guy. Printers, thermostats, videoconferencing equipment, all of it has been used to access an otherwise rock solid security system. Still, a Chinese food menu feels like a violation on an entirely different level. Is nothing sacred? [New York Times]
Picture: Shutterstock/Liz Van Steenburgh