Stratfor Military Intelligence Hack Turns Prank

A military and security intelligence firm that fell victim to a hacking attack has suffered another embarrassment, even while analysis reveals that hundreds of military and political officials had their digital details exposed by hackers.

As reported last month, hackers struck Stratfor (or "Strategic Forecasting"), a Texas-based security consulting and analysis firm. They captured details of some 4,000 clients, cheekily using the stolen credit card information to make charitable donations.

Stratfor customers recently received an email apparently sent by CEO, George Friedman, asking them to rate the company's response to the incident. The note goes so far as to provide Friedman's personal cell and home phone numbers.

The email describes the attackers as "deranged, sexually deviant criminal hacker terrorist masterminds" and claims that in the future Statfor will offer all its premium services without charge.

Email Contains Bogus Links

Unfortunately, the email is a spoof, sent by the same hackers who gained access to the customer mailing list.

The message includes a series of bogus links, including an announcement that is actually a video containing Rick Astley's song "Never Gonna Give You Up", a trick reminiscent of a popular Internet prank from several years ago. (Source: cyberwar.nl)

The hackers also publicly posted some of the details they gathered in the original attack. A Washington-based security expert has assessed the data for a British newspaper and found the stolen email addresses include high-level government officials and people working in secure situations. (Source: guardian.co.uk)

The victims include 242 NATO staff (North Atlantic Treaty Organization), 23 employees of the British Parliament, dozens of British government officials and two people who work for the Royal Family.

Victim List Includes Active Military Staff

American officials have similarly seen their sensitive information exposed, with former vice president Dan Quayle and diplomat Henry Kissinger among the compromised names.

At least 19,000 of the revealed email addresses appear to relate to the US military, including 343 people currently known to be serving in war zones.

Security passwords published by the attackers are apparently encrypted, though it's feared the encryption can easily be deciphered.

There won't necessarily be any direct damage from outsiders gaining access to these passwords, though they would pose a security threat if any of the victims have used the same codes for other sensitive websites or services.