NBC representatives have responded to the blog post in which Robert Graham of Errata Security calls the NBC News story on hacking attacks against Sochi Olympics attendees “100% fraudulent.”
In his post, Graham wrote, “They aren’t in Sochi, but in Moscow, 1007 miles away.”
In response, NBC representatives said the following (via The Wire): “From the very first frame it was made absolutely clear that the piece was taped in Moscow. Richard welcomed the expert to Moscow on camera, in front of a well-known Moscow landmark.”
Graham’s second point was: “The ‘hack’ happens because of the websites they visit (Olympic themed websites), not their physical location. The results would’ve been the same in America.”
To this, NBC responded: “Of course this type of cyber attack can happen anywhere in the world, but the point we were demonstrating is that a user is more likely to be targeted by hackers while conducting search in Russia, and that such attacks happen with alarming speed from the moment a user goes online.”
Finally, the security expert said, “The phone didn’t ‘get’ hacked; Richard Engel initiated the download of a hostile Android app onto his phone.”
To which NBC responded with: “The story was designed to show how a non-expert can easily fall victim to a cyber attack when they are deceived into downloading a piece of malicious software that is disguised as a friendly message or alert.
Just like any regular user, Richard went online, searched sites and was very quickly targeted and received a tailored fake message designed to trick him into downloading the software.”
NBC has also highlighted the fact that in addition to the controversial video, another one has been published. The second video contains more technical details and is not as overblown as the first one.
Kyle Wilhoit, the Trend Micro security expert who assisted NBC’s Richard Engel in the experiment, has promised to publish more technical details. Wilhoit admits that the way the story has been edited by NBC makes it misleading.