How hackers tricked Coca-Cola

Network breach in 2009 started with ungrammatical email
Tools

Coca-Cola fell victim to a corporate data breach in 2009 after an executive opened an email with the subject line: "Save power is save money! (from CEO)" and then clicked on a link within, according to an investigation by Bloomberg News.  While the subject of the email seems ridiculous from this distance, it didn't to the executive because the company was seeking ways to save on energy at the time, reports Bloomberg's Jordan Robertson.

The hackers behind the email managed to penetrate Coca-Cola's network in a quest for details about the planned purchase of a Chinese company, Robertson reports. The acquisition did not come to fruition. Coca-Cola is just one of a number of victims of attacks in which the hackers were looking for information on planned business deals.  

While Coca-Cola's attackers were sophisticated, their techniques were not, and this isn't an uncommon approach. A similar attack was made on RSA when hackers sent an email to employees with a subject line that read "2011 Recruitment Plan." After an employee opened an attachment sent with the email, the ensuing breach exposed information that was used to try to attack Lockheed Martin.

For more:
- see Jordan Robertson's article at Bloomberg

Related Articles:
Elusive Trojan used to spy on energy firms
Why training users to be security-aware is a waste of time
Phishers go after White House officials' Gmail accounts

Filed Under