The "Anonymous" hactivist group has been teaching some useful if costly lessons in information security. Their latest instructional exploit came at the expense of a thoroughly unsympathetic victim: Syria's dictatorial president, Bashar al-Assad.
Anonymous, it seems, had an easy time hacking into the server at his presidential office. Why so easy? Because several staffers there were using the password "12345."
This has caused a good many laughs in the tech world. And we will concede that that managing information security for the Syrian Ministry of Presidential Affairs is a thankless job. How do you tell a dictator that he really needs to use a stronger password?
All the same, this episode teaches a basic, critical lesson about information security. There is no substitute for security policy compliance.
