Former US Secretary of State Colin Powell is the latest public figure to have fallen victim to hackers, with a series of out-of-character messages posted to his Facebook page.
But before you jump to the conclusion that only a highly-sophistictaed gang of hackers, backed by an enemy nation, could possibly have had the skills to break into the Facebook account of the man who was Chairman of the Joint Chiefs of Staff during the Gulf War.. think again.
It appears that whoever broke into Colin Powell’s Facebook account, didn’t do so to steal secrets – but rather in a mischievous attempt to redistribute private photographs and emails previously stolen from the families of former presidents George H.W. Bush George W. Bush.
Indeed, some of the posts made to Colin Powell’s Facebook account contain images previously posted online by a hacker named “Guccifer”, who doxed the Bush family last month.
At the time of writing, Colin Powell’s Facebook page is unavailable, and one presumes that Facebook’s security team have stepped in before any more damage can be done or embarrassment caused.
The interesting question that cannot easily be answered is just *how* Colin Powell’s Facebook account was hacked.
The most likely answer is that his password was compromised – but if that is the case, was it compromised because it was poorly-chosen and thus easy to crack?
Or was it perhaps that the very same password was being unwisely used elsewhere by Colin Powell, on a site that was cracked?
However the account was compromised, it might be time for Colin Powell to read up on password security – and ensure that his Facebook page is better defended in future.
If you want to keep up-to-date with the latest security and privacy news on Facebook, you should join the Naked Security from Sophos Facebook page, where over 200,000 members exchange information about the latest threats.
Leave a reply