Hackers demand ransom from British telecom TalkTalk

24 Oct 2015 | Author: | No comments yet »

Every TalkTalk user has been ‘hacked by Jihadis’ who warn Judgement Day is soon.

London (CNNMoney) — British telecom TalkTalk said it has received a ransom demand following a “significant and sustained cyberattack” that put the data of four million customers at risk. The internet terrorists carried out a “significant and sustained cyber attack” on the British broadband company and sent the boss a ransom message. TalkTalk made the announcement late on Thursday, but The Telegraph can disclose that as early as Friday last week customers suffered attacks on their home computers, as well as scam calls by thieves who knew their names and account details. The data could include credit card and bank details, and if the theft is confirmed by a police investigation it would be one of Britain’s biggest online security breaches. “We have been contacted by, I don’t know whether it is an individual or a group, purporting to be the hacker,” TalkTalk CEO Dido Harding told the BBC, without giving details. Keith Vaz, the chairman of the cross-party home affairs select committee, said evidence was beginning to emerge that TalkTalk had covered up the true scale of the “alarming and unacceptable” crime.

Jens Monrad, a Copenhagen-based security expert for US cyber defense firm FireEye, also told Reuters that samples of financial data which appeared to come from TalkTalk customers had been spotted for sale in cybercriminal forums on the so-called dark web. The line that previously divided hacktivists, criminals and outsourced, state-led efforts at espionage have become blurred, a report by the European police agency said last month. Baroness Harding of Winscombe, TalkTalk’s chief executive who is known professionally as Dido Harding, was under mounting pressure to explain her response to the crisis. The attack is potentially one of the largest and most damaging to hit a British company, and follows dozens of high-profile cases targeting retailers and banks in North America.

Criminals are increasingly adopting the long-term tactics of highly skilled, highly motivated groups often charged by a state to break into critical systems of rival nations and steal information. “Even though cyber sabotages have been infrequent so far, attacks on critical infrastructures are a threat that is here to stay,” said Europol. All of the information must be stored behind layers and layers of security, and put in different virtual ‘compartments’ so that cyber-thieves who manage to get their hands on any data will have to break through many more layers of security before they are able to piece together a full picture. The details of millions of customers of infidelity website Ashley Madison were leaked in August after a massive cyber assault, while Sony Corp’s film studios were hit last year. When Russia invaded Georgia in 2008, patriotic hackers were given the technological tools to carry out cyber-attacks to back the military efforts, according to analysts; similar attacks were used against Ukraine six years later.

Hilary Foster, a barrister’s clerk from Surbiton, south-west London, found that scammers had tried to go on a shopping spree funded from her bank account. The covert state activity led one academic to liken the hackers to the privateer ships in the Elizabethan era sent off to attack treasure ships of enemy nations.

Customers are to be given free credit monitoring to check if their identity has been cloned but have been warned that everyone with a TalkTalk account should assume they are at risk. Europol said there was a blurring of the lines between groups who broke into critical infrastructure systems to steal information and profit-driven cyber criminals – “with both camps borrowing tools, techniques and methodologies from each other’s portfolios”. One TalkTalk customer, John Walter, 46, from Pimlico, central London, told The Telegraph his home account was targeted two days before the attack was said by TalkTalk to have taken place. “Someone rang up on Monday claiming to be from TalkTalk and they had all my account details,” said Mr Walter, who works as a senior analytics director at credit rating firm Moodys.

I am really, really angry TalkTalk found out about this on Wednesday and didn’t tell customers until a day later.’ Iain Frater, a trainee doctor from Glasgow, said: ‘They slowed my internet down then phoned pretending to be TalkTalk support. The London-based tricksters pose as police or bank staff and claim their victim’s account is compromised, before sending fake couriers to collect bank cards and details. Mr Vaz said last night: “Suggestions that TalkTalk has covered up both the scale and duration of this attack are alarming and unacceptable and must be thoroughly investigated.

Shares in TalkTalk, which had fallen 7 percent since the group’s websites went down on Wednesday, fell as much as 8.5 percent on Friday to a two-year low of 238 pence. The guy really sounded like he was in a TalkTalk call centre.’ Asked by Channel 4 if the company had failed to invest in sufficiently tough online security following two previous attacks, she replied: ‘In retrospect – absolutely. The clumsily worded statement that followed the cyber-attack on TalkTalk led one security analyst to scoff that the claim of responsibility appeared to have come via Google Translate. She added that she was “unable to say” whether scam phone calls to its customers in recent days were based on information stolen in this week’s hack or on earlier occasions.

But the online release gave few clues to suggest whether “The Web of Haram” was a jihadist-inspired attack, a cover for a Russian-backed attempt to create economic mischief, or the work of a disaffected schoolboy operating from his bedroom. Christopher Graham, the Information Commissioner who has the power to levy fines of up to half a million pounds for data breaches, said the company should have shown “heightened concern” in the wake of such serious incidents.

The growth of the market in hacking tools has allowed a new broad base of “unskilled, entry-level” cyber criminals to launch attacks on a scale way beyond their own technical ability. Asked whether the company would now face official action by the watchdog Mr Graham declined to comment because his organisation is now carrying out an official review. Miss Harding said: ‘Our email system was running very slowly and that is usually an indication that someone is trying to bombard your systems to get in.’ David Emm, of the cyber-security firm Kaspersky Lab, said: ‘TalkTalk should be ashamed. Peter Sommer, a visiting professor at De Montfort University’s cyber security unit, said it looked as though TalkTalk had “made some rather unfortunate decisions” about their systems.

That made it easy for the still-unknown attackers – perhaps criminals, perhaps political extremists, perhaps a mixture of the two – to steal customer information from its computers. The company’s bland and contradictory statements since the attack – and especially the woeful performances by chief executive Dido Harding – only compound the impression of incompetence.

Far too many company directors have not the faintest idea how computers work, or the formidable arsenal of weapons and trickery which attackers can deploy. The hapless Miss Harding, bumbling from studio to studio, was unable to explain how her company had been attacked, how long the attack had gone on for, what had been stolen and whether the computers and networks were now secure. An illiterate and venomous posting on the Pastebin website, accompanied by what appears to be a portion of the data stolen from TalkTalk, appears to claim responsibility on behalf of Islamist extremists.

So attacking TalkTalk, a major provider of mobile phone and internet services, could be a stunt by those bent on destroying our way of life in the misguided pursuit of piety. Even ordinary internet users can be blackmailed because they have left a compromising trail online by browsing pornographic websites, or posting indecent pictures.

Here you can write a commentary on the recording "Hackers demand ransom from British telecom TalkTalk".

* Required fields
Our partners
Follow us
Contact us
Our contacts


ICQ: 423360519

About this site