Wall of credentials shows newsroom's security stance

Apr 10, 2015 11:20 GMT

After falling victim to a major cyber-attack that halted its entire media activity, TV5Monde exposed a large number of its passwords in a TV interview.

The video footage shows TV5Monde reporter David Delos talking about the hack that occurred on Wednesday night; it also captures a wall in the background covered with notes containing access credentials, with the names YouTube and Instagram standing out.

At least one password was deciphered

The interview was published by FranceTV on Thursday, and the image of the password wall is available 3’44’’ into the footage.

While the information is not too easy to read, some people managed to refine the picture and determined that the password for YouTube was “lemotdepassedeyoutube” (translated into English it becomes “thepasswordofYouTube”), as ethical hacker pent0thal says on Twitter.

The exposed information is no longer of use, but the fact that it was available in plain sight in the office is a clear indication of the security stance of the company.

The cyber-attack on TV5Monde affected all 11 channels of the media network, which broadcast a black screen after the intruders, the CyberCaliphate group associated with ISIS, took control of the computers.

Social media accounts of the company were also impacted as the hackers hijacked them and posted pro-ISIS messages.

Visual hacking - the non-technical way to collect data

Last summer, over a period of two months, Ponemon Institute conducted a study on how someone could obtain information leading to breaching a company’s systems without resorting to hacking.

The experiment demonstrated that someone can collect sensitive data, credentials included, in 88% of the cases, by simply walking around the office and snooping on the workers’ desks.

The technique, which was applied to eight US-based organizations, is called visual hacking and requires a person that has a particular set of skills for retrieving the data this way.

However, the research proved that hacking directly into a computer network, and risking detection before reaching the objective, is not completely necessary.

In the case of TV5Monde, any visitor to the newsroom could have snapped a picture of the wall or simply memorized the passwords for access to sensitive parts of the network, especially since the strings were not too difficult to remember.

Yves Bigot, TV5Monde’s CEO, believes that the attack was planned in advance, because it was coordinated and previous attempts to gain illegal access to the systems had been recorded.