By Jacquie Lee
A hacker, known only by the stamp “AmmarLiverpool,” targeted the Retail, Wholesale and Department Store Union’s website the night of Aug. 1, the union’s communications director, Chelsea Connor, confirmed for Bloomberg BNA Aug. 2.
The hacker deleted all of the website’s content and then posted this message to the site: “Hacked By AmmarLiverpool This Website Has Been HaCked By Electronic resistance against the Zionist sites AmmarLiverpool Was Here 1 ; 2 ; 3 Vive L’Algerie.”
This isn’t the first time unions have had a run-in with hackers. An internet bandit depleted the bank account of the Connecticut chapter of the Communications Workers of America in November. That same month, UFCW Local 655 ended up forking over about $6,000 in bitcoin to a hacker who held its pension plans hostage. The hacker demanded three bitcoins, which were valued at $2,000 each, to enable the site to work again.
“AmmarLiverpool” didn’t seek payment to return RWDSU’s site to the union’s control, Connor said.
The site doesn’t store any private information, such as Social Security numbers or addresses, she said. “Any information that was removed or seen was all public,” Connor said. “There’s no member information on our website whatsoever.”
By late afternoon Aug. 2, the union had regained the ability to control the homepage of the site and posted a message explaining the incident.
Connor first realized the site was corrupted when an RWDSU staff member called her about 9:20 p.m. Aug. 1. An hour later, the union issued a statement.
“Tonight, our union was attacked by a hateful anti-semitic computer hacker,” RWDSU President Stuart Appelbaum said in the statement. “We are working swiftly to ensure his message of hate spreads no further and that our website is restored and our firewalls strengthened.”
RWDSU officials aren’t sure why the union was targeted, Connor said. Appelbaum is also president of the Jewish Labor Committee and a well-known figure in New York’s Jewish community, but Connor is unsure whether that explains why the hacker chose RWDSU.
“Whether it’s specific to him or our union, I don’t think it matters,” Connor said. “Clearly this was someone who wanted to share a message, and unfortunately that message was very hurtful for us.”
An entity that identified itself as “AmmarLiverpool” took credit for hacking four Italian websites in October 2013. Other websites AmmarLiverpool recently hacked are associated with a variety of industries, which may indicate the attack was a crime of opportunity rather than one targeting Appelbaum specifically.
The union’s IT team is working to fully restore the website. RWDSU is working with 1&1, the company that hosts the site, to determine which law enforcement agency has jurisdiction over the hack, Connor said.
In most cases, hackers steal information or hold websites for ransom, but leaving a message is meant to signal a hacker’s power, Bhavani Thuraisingham told Bloomberg BNA. She’s the executive director of the Cyber Security Institute at the University of Texas at Dallas.
To protect themselves, individuals and companies should change their passwords every three months, keep firewalls up-to-date, and back up their data, Thuraisingham said. But individuals need to take more initiative in learning about how their computer’s security system works as well, she said.
“These things are only going to get worse because we live in an interconnected world,” she said. “We really need to have knowledge to be able to do that. If we don’t, we have to suffer the consequences.”
Companies are starting to heed the advice of cybersecurity experts. In the past four years, some have begun investing in cyber insurance, Thuraisingham said.
“Health-care companies have highly sensitive information, so if they are hacked people will sue them,” she said. “That’s why they take insurance. Not for damaged computers, but to pay for litigation.”
First, system administrators must change their passwords and their user IDs, Shiu-Kai Chin, professor of electrical engineering and computer science at Syracuse University, said.
Then, officials should make a list of who has access to the files that hold the website’s content. It should be as short as possible to cut down on possible leakers or people vulnerable to hackers, Chin said.
Finally, someone must do an audit of the website, he said.
“There’s no security without audit,” he said.
Thanks to a tracking system hosted on most websites, administrators can look to see who had access to their website’s files and when others were trying to gain access.
If the IP address for whoever gained access to those files matches those of other administrators, it could be an “inside job,” Chin said. If not, that points to an outside hacker trying to get into the organization’s system. Theoretically, officials could use the outsider’s IP address to track down the hacker.
But IP addresses are tricky because they can be spoofed, Chin said. They’re more useful in determining whether the hack was an inside or outside job than who the actual hacker is, he said.
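The audit Chin describes can be sketched as follows. This is an added example, not code from the article or from RWDSU; it assumes the "tracking system" is a web server access log in the common "combined" format, and the admin network range, the `/admin/` paths and the log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed: networks administrators normally connect from (documentation range).
ADMIN_NETWORKS = [ipaddress.ip_network("192.0.2.0/28")]
WRITE_METHODS = {"POST", "PUT", "DELETE"}  # requests that can change content

# Constructed sample lines in "combined" access-log format.
SAMPLE_LOG = """\
192.0.2.5 - editor [10/Jan/2024:20:41:10 -0400] "POST /admin/pages/12 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Jan/2024:20:58:02 -0400] "POST /admin/login HTTP/1.1" 401 128 "-" "curl/7.50"
198.51.100.23 - - [10/Jan/2024:20:58:09 -0400] "POST /admin/login HTTP/1.1" 200 310 "-" "curl/7.50"
198.51.100.23 - admin [10/Jan/2024:21:02:44 -0400] "DELETE /admin/pages/12 HTTP/1.1" 200 64 "-" "curl/7.50"
203.0.113.9 - - [10/Jan/2024:21:05:00 -0400] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
not a log line
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def audit(log_text, admin_networks=ADMIN_NETWORKS):
    """Group content-changing requests by source IP and label each source."""
    findings = defaultdict(lambda: {"origin": None, "events": []})
    skipped = 0  # unparseable lines are counted, not silently dropped
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            skipped += 1
            continue
        if m["method"] not in WRITE_METHODS:
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:  # hostname or garbage in the address field
            skipped += 1
            continue
        inside = any(ip in net for net in admin_networks)
        entry = findings[str(ip)]
        # The label only separates inside from outside; it does not identify a person.
        entry["origin"] = "admin-network" if inside else "outside"
        entry["events"].append((m["ts"], m["user"], m["method"], m["path"], int(m["status"])))
    return dict(findings), skipped

if __name__ == "__main__":
    for ip, info in audit(SAMPLE_LOG)[0].items():
        print(ip, info["origin"], len(info["events"]), "write requests")
```

An "admin-network" label narrows the question to inside versus outside, as Chin notes; it is a starting point for reviewing the listed events, not an attribution.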
In most cases hacks can be avoided if organizations can patch up vulnerabilities in their systems, hire competent IT teams, and educate their workforce on how to operate their computers safely, Chin said.
“The long-term message is just like health care and taking care of yourself: You can cheapen out now, but you can pay me now or pay me later,” he said.
To contact the reporter on this story: Jacquie Lee at email@example.com
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.