Internal Memo Outlines Gawker's Security Plan

ID THREATPOST:6ED352639304A7730B9F0E101DF5F79B
Type threatpost
Reporter Brian Donohue
Modified 2013-04-17T20:09:48


In the wake of a hack of systems belonging to online publishing giant Gawker Media that yielded more than one million passwords, the online media company’s chief technology officer has announced new defense strategies aimed at placating their users and preventing further humiliating data breaches.

Gawker Media CTO Thomas Plunkett issued a company-wide memo released on Friday that lays out the new security measures and suggests the company overlooked security concerns in the rush to develop new features. A copy of the memo was posted on the website of the Poynter Institute on Friday, Plunkett confirmed.

In the memo, Plunkett provides more detail on the massive breach and lays out the new security measures they are implementing as a result of it. He explains that hackers were able to exploit a vulnerability in their source code, which then allowed them to gain access to user data and passwords.

Plunkett blames the security blunder on several sources, including: his team paying too much attention to new projects while neglecting to address flaws and ensure the security of previous ones, the massive growth and inherently contentious nature of Gawker Media material, a lack of foresight about the inevitability of such an attack and a lack of preparation for responding to it. In an op-ed last week, Jeremiah Grossman noted that planning for incident response was one of the most important lessons from the Gawker breach.

Gawker Media is now working with an independent security firm to review what happened. They claim to have established a ‘fairly accurate’ timeline of the intrusion and to have regained control of and reconfigured compromised Gawker assets, such as their Google Apps account.

In his memo, Plunkett maintains that the company has addressed all known vulnerabilities and continues to audit its systems in search of more. They have also established a help desk to address commenter concerns regarding the breach.

Other steps taken by Gawker Media include SSL for internal communications and two-factor authentication for access to external sources, such as Google Documents. The company, which has been on the cutting edge of online media, is also looking at ways for users to sever the connection between Gawker accounts and personal e-mail accounts, possibly by allowing users to create disposable accounts that are accessed with a unique key value.