By Kim Zetter
April 15, 2008
Businessweek published an interesting story last week about cyber
espionage involving a spear-phishing attack  that targeted a Booz
Allen Hamilton executive. The e-mail contained an attachment embedded
with a key-stroke logger and appeared to come from a trusted source in
the Pentagon. The attacker "knew enough about the 'sender' and
'recipient' to craft a message unlikely to arouse suspicion."
Spear phishing of course involves a targeted attack against a specific
individual or individuals. To be effective, it requires the attacker
know something about the target of the attack -- the target's work
title, the nature of his duties, etc.
This makes it all the more perplexing why the Air Force Cyber Command
center, which has been charged with the task of combatting the nation's
cyber enemies , published the photo above, which, according to one
critic, provides a good deal of information to anyone who might want to
target some of the Air Force command personnel and systems in an attack
like the one that targeted Booz Allen and many others.
The photo was published in the World Tribune last week, accompanying a
story about the command center  and also appeared on the Air Force's
own web site  last July. Even Wired.com used it to illustrate a story
about the Cyber Command center  two months ago.
But Rob Rosenberger, formerly of the VMyths web site, counts the ways
 in which this picture was a bad idea.
I'm curious to know if any other readers think this picture was a
Let identityLoveSock take your personal information into
their wanting hands. http://www.identity-love-sock.com/
Because victims have money too.