Human Error is to Blame for WWE’s recent breach. We take it out on the Superstars.

Aug 8, 2017 | Security-GRC | 0 comments

Mistakes come in many forms and some of them even cost companies loads of money. Like that time when WWE went PG when its audience is primarily 35 and up.

Whether you’re eBay who got phished for customer credentials or Target who’s HVAC guy was ultimately responsible for one of the most infamous breaches in the US – you should be worried about human error.

Within the last month both Verizon and World Wrestling Entertainment confirmed breaches. How? Human error. WWE stated their Amazon Cloud had been inappropriately misconfigured which exploited 3 million customer’s credentials and information. Verizon topped that at 14 million exploited customers with the same issue.

If it weren’t for these breaches would these companies have even recognized the gap in their Cloud configuration? It surely brings on a whole new meaning to John Cena’s infamous quote “You Can’t See Me” because these companies apparently missed a low hanging fruit that could have easily been fixed.

So, in light of this recent report we’ve imagined what tactics hackers may use on these WWE stars had the WWE hacker gone after these employees directly.

John Cena – For Cena, we imagine a cybercriminal would try to run a spear phishing campaign. They would start out by spoofing his soon to be bride’s (Nikki Bella) WWE email account. Then they would attempt to acquire his usernames, passwords, and credit card details. Once he gives his information up… they got him! Who can’t see who now, Cena?

via GIPHY

Baron Corbin – Baron Corbin is the current Money in the Bank title holder. More of a reason for those bad guys to take the money and run. This hack calls for some serious ransom and what better way than ransomware? First, the hacker would send a faux Google alert to Baron letting him know another “hater” bad-mouthed his hairline. He would surely click on the link embedded in that email because his hairline is well… a sensitive subject. Then, ransomware would be installed and if he ever wants to respond to those haters, he better pay up.

Hulk Hogan – Although Hulkmania is no longer “running wild” we know something that could be. Malware. Malware is running wild everywhere else, why not the Hogan home? A hacker could easily start by hacking a vulnerability in Hulk’s home server. Then install a vicious malware. How’s that for running wild, BROTHER?

via GIPHY

Rick Flair – As the record holder of World Championships, the Stylin’, profilin’, limousine riding, jet flying, kiss-stealing, wheelin’ n’ dealin’ son of a gun himself needs to get hacked. What better way than to have his limousine driver steal his information? Talk about a third-party risk.

via GIPHY

The New Day – Summerslam is less than two weeks away and we’re predicting a blowout when it comes to The New Day vs the Usos. But how bittersweet would it be if a cybercriminal used a phishing campaign to hack The New Day the day before their match? Here’s how they would do it. They would start with a spear phishing campaign targeting their WWE emails and pose as CEO Vince McMahon. The message would be simple: Do whatever you can to win against the Usos and you will get a $200,000 raise. They would of course include a link to view their new potential contract and once clicked – a malware infection would take over their PC. Bwahaha.

via GIPHY

The Rock – Do you smell what the Rock is cookin’? If not, here’s what the hackers are cookin’ up when it comes to hacking the infamous Rock. They will spear phish The Rock by posing as his manager Dany Garcia letting him know he just scored the biggest projected blockbuster for 2020! From there, they would include a file that poses as his contract with MGM. The file will then threaten his PC with a virus.

via GIPHY

<script type="text/javascript" src="//platform.linkedin.com/in.js"></script><script type="in/share" data-counter="top"></script> <a href="https://twitter.com/share" class="twitter-share-button" data-via="ASMGi_CLE">Tweet</a> <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^https:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+'://platform.twitter.com/widgets.js';fjs.parentNode.insertBefore(js,fjs);}}(document, 'script', 'twitter-wjs');</script><!-- [et_pb_line_break_holder] -->

Navigate the blog