CloudLock’s Kevin O’Brien was mentioned in Wednesday’s Mashable article by Lorenzo Franceschi-Bicchierai titled, “Syrian Electronic Army Finds Third-Party Doorway to NYT, Twitter in Phishing Attack.”
The article discusses Tuesday’s email phishing attack on the New York Times and Twitter domains by the Syrian Electronic Army.
According to the article, Melbourne IT, the domain reseller, suspended compromised accounts in an effort to limit further damage.
“If there is any consolation to be had, it is that this is an incredibly unsophisticated form of attack,” said Kevin O’Brien, enterprise solutions architect at security firm CloudLock, in an email to Mashable.
On Thursday, August 29, CloudLock’s Kevin O’Brien was mentioned in a Tom’s Guide article by Jill Schar titled, “How NY Times Could Have Shielded Itself from Hack Attack.” On the heels of the recent New York Times and Twitter phishing attack, this article investigates the technical aspects of how a DNS attack is accomplished.
“DNS has been in place essentially since the Web started… [and] from its very origins it was not built to support the Web as it exists today,” said Kevin O’Brien, an enterprise solutions architect from Cloudlock, a cloud-based data security company.
According to O’Brien, DNS has a number of structural flaws, which the New York Times hackers exploited to bring the website down.
O’Brien likened DNS servers to a phonebook: people can search the book by a person’s name and find the entry that connects the person to a telephone number. What the hackers did is like changing the number next to the New York Times’ name in the phonebook.