In 1978, Cliff Ensley ’69, ’70, G’71 had an idea to start his own business and just $2,500 to do it. He was used to taking on challenges—there was no stopping him. Growing up, he struggled with a learning disability—at…
Phishing Attacks: Everything Old is New Again
This week, Microsoft announced it had been successful in stopping attempted cyber-attacks by Russian hackers that were trying to steal data from U.S. political groups. The company believes the attacks were likely the start of a “spear phishing” campaign that would have tried to trick users to click fake website links of real organizations to steal login information.
Kevin (Wenliang) Du is a professor of electrical engineering and computer science at Syracuse University’s College of Engineering and Computer Science. Professor Du, who teaches internet security courses, says phishing attacks are not new to the cyber world. But the move of attacks into the political world is.
“In general, this is called ‘phishing attacks.’ Attackers trick victims to visit their sites, which looks similar to a legitimate site. The attack has been used against banking, financial institutes, companies, and universities. To my knowledge, using it for political purpose is something quite new. Technically, however, they are similar attacks.
“I do remember one incident that is related to this most recent attack. In the 2004 presidential debate between John Edward and then U.S. Vice President Dick Cheney, Cheney said the following: ‘Well, the reason they keep mentioning Halliburton is because they’re trying to throw up a smokescreen. They know the charges are false. They know that if you go, for example, to FactCheck.com, an independent Web site sponsored by the University of Pennsylvania, you can get the specific details with respect to Halliburton.’ The debate was broadcasted live and within a few minutes, the website of FactCheck.com received a tremendous amount of traffic.
“Unfortunately for Cheney, the actual website should have been FactCheck.org, a politically neutral web site, not FactCheck.com. George Soro, who did not like Bush, immediately capitalized on this mistake by somehow (he might have paid the owner of FactCheck.com for doing so) redirecting all the FackCheck.com-bound traffic to his own website, where the top item was an article by Soros entitled ‘Why we must not Re-Elect President Bush.’ In essence, Cheney had launched an attack against himself by using an incorrect website name and Soro capitalized on that mistake. In spirit, the attacks we see today are similar to this incident.
“To protect against this attack, customers just have to be very careful telling the difference between the real website and a fake website. It is quite hard.”
To request interviews or get more information:
Media Relations Manager
Division of Communications and Marketing