Issue No.05 - September/October (2008 vol.6)
Camilo Viecco , Indiana University
Jean Camp , Indiana University
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.109
Details about failures of complex and well-implemented information-based attacks on systems are extremely difficult to obtain. However, here the authors examine a real-life analogue—an information attack on a highly complex security system, that of the Colombian guerrilla group FARC. This operation included a man-in-the-middle attack, targeted denial of service (DoS), and authentication subversion. The attack on FARC's communications structure is interesting not only because of its electronic and analog components, but also because it was a life or death matter. The authors examine the hostages' liberation from an information security perspective, compiling data from several Colombian newspapers and magazines and using the most accepted version of the events.
information security, FARC, man-in-the-middle attacks, Colombian hostages, secure systems
Camilo Viecco, Jean Camp, "A Life or Death InfoSec Subversion", IEEE Security & Privacy, vol.6, no. 5, pp. 74-76, September/October 2008, doi:10.1109/MSP.2008.109