TalkTalk Attack Shows Firms Have No Place to Hide From Hackers

26 Oct 2015 | Author: | No comments yet »

‘Every company vulnerable to TalkTalk style hacking attack under Snooper’s Charter’.

Every company is vulnerable to a hacking attack like the one suffered by TalkTalk, it was claimed as it emerged that companies may be powerless to prevent criminals stealing their customers’ data. TalkTalk chief executive Dido Harding has insisted the company’s cybersecurity is “head and shoulders” better than its competitors in the wake of the massive hack attack affecting thousands of customers.Last week, it was revealed that a group of Russian jihadist hackers had broken into the company’s computers and accessed the personal data and bank details of customers, with one expert likening it to ‘the Great Train Robbery of the 21st century.’ Information security consultant Paul Moore has also claimed that the firm previously ignored his warnings about data incryption after making changes to the way that credit and debit card payments were handled.The impostor called the couple, both in their 80s, on Tuesday – the day before TalkTalk claim the hack took place – telling them that the internet connection at their Kent home was faulty.

TalkTalk customers targeted by cyber-criminals reacted with fury last night after being told they will be fined hundreds of pounds for cancelling their accounts. ‘It is appalling,’ said Dawn Palmer, 50, an educational manager from Leigh-on-Sea, Essex, who has received 50 calls from impostors claiming to be from TalkTalk over the past six months. ‘They said my account doesn’t run out until July 2016 so I’d have to pay an early-leavers’ penalty.’ Her sentiment was echoed by hundreds of others whose personal details were compromised. Security experts said that the so-called snooper’s charter, which will give British spies access to telecommunications data by law, will “sabotage” attempts to defeat cyber crime by creating a “back door” through which hackers can enter. In an interview with the Guardian, Harding conceded it would be “naive” to rule out the prospect of the telecoms firm suffering a similar cyber-attack in the future, describing the threat from hackers as “the crime of our generation”. She told the man posing as a TalkTalk employee that she had been overpaid and wanted to return the money – to which she was told to pay back £4,900 following his instructions. Anyone who has typed personal information into a webpage has “had it compromised in some way” because data is frequently left unprotected on computer servers, the experts claimed.

Asked about claims by an IT researcher that he raised concerns about TalkTalk’s security with her office last September, Harding said its security had “improved dramatically” in the last year. TalkTalk last night insisted that its website rather than its computer servers were targeted and that no credit card details are stored on the website. As frantic investigations continued at TalkTalk, which still has not ascertained the scale of the data breach, its chief executive said she would leave if her customers demanded it. Shame on TalkTalk – that money was what my parents live on.’ Hilary Foster, a barristers’ practice manager from Surbiton, Surrey, said she discovered on Friday morning that her account had been targeted by the cyber-hackers. ‘It’s outrageous that TalkTalk didn’t tell me about the risk earlier,’ said the 43-year-old. ‘They’ve known since Wednesday and I only found out this morning when I checked my account. Speaking to The Telegraph, Dido Harding said: “In some ways I would love to say this is just a TalkTalk issue, I’d love to believe this is just us – but it isn’t. “This is happening to a huge number of organisations all the time.

Asked whether customers should be compensated rather than penalised, Baroness Harding, who pledged to clean up the web from hackers after her elevation to the House of Lords last year, said: ‘It is too early to start thinking about generic principles of compensation.’ Consumer watchdog Which? insisted customers should now be compensated, stressing: ‘No one should lose out as a result of this breach’, while the Information Commissioner’s Office questioned whether TalkTalk acted fast enough to tell customers about Wednesday morning’s attack. God knows, we’ve just demonstrated that our website security wasn’t perfect – I’m not going to pretend it is – but we take it incredibly seriously. “On that specific vulnerability, it’s much better than it was and we are head and shoulders better than some of our competitors and some of the media bodies that were throwing those particular stones.” TalkTalk is unable to say how many of its 4 million customers were affected by the major data breach, in which peoples’ names, addresses and partial bank account details were stolen. Labour’s Shadow Minister for Policing, Jack Dromey, said: ‘She should now consider her position,’ he said. ‘To put four million customers at risk is something TalkTalk should be ashamed of.’ Harding, who went to Oxford University with David Cameron, said in a TV interview yesterday the amount of financial details accessed was ‘materially lower’ than initially thought. My job, my company, we exist at the gift of our customers, so our customers will make that decision over time.” The verdict may arrive in the form of an exodus of subscribers to TalkTalk phone, broadband, TV and mobile deals. Harding said it was “too early to say” whether the company will establish a compensation fund to handle the fallout from the attack because it was still unclear how many customers had been affected and to what degree.

A former IT worker with the firm told The Mail on Sunday that he repeatedly raised security concerns with his bosses. ‘I told my manager, my senior manager and my head of department,’ he said. ‘But they never did anything about it.’ He said the cyber-attack in August on Carphone Warehouse, which used to own TalkTalk, should have ‘rung alarm bells’. Detectives from Scotland Yard’s cybercrime unit are investigating the hack attack specialists amid reports that specialists from BAE Systems have been called in by TalkTalk to track down the hackers. In the latest theft, which is being investigated by the Metropolitan Police, the credit card information gained by the hackers was insufficient to make transactions, Baroness Harding said.

Joe Sturonas, chief technology officer at US encryption specialists Pkware, said: “Many companies have only focused on encrypting devices and networks, but have largely avoided encrypting the data itself. “What has been demonstrated time after time is that getting past the devices and networks protection is possible. Jens Monrad, from the cyber-security company FireEye, said the data stolen in the TalkTalk hack could have been sold days ago, perhaps before the breach was made public. He said: ‘These hackers will want to sell it on as soon as possible so that customers don’t have time to change their passwords.’ Harding’s husband, Tory MP John Penrose, speaking at their Somerset home yesterday, said she was working ‘incredibly hard’ at TalkTalk’s West London HQ this weekend. ‘She feels that the captain should be on the bridge of the ship right now,’ he said. At the time Moore gave TalkTalk a poor cybersecurity rating after running tests on its website, but its score was later increased after the company took steps to fix the vulnerability.

Goodness knows I’ve been one of its biggest fans … and it’s not right that having lost your bank account number and sort code that people can take money from your bank account – they can’t.” Harding insisted that TalkTalk would “thrive” following the attack if customers saw that it was being transparent about what had happened. What we’re trying to do – and it’s very painful and hard for everybody in the organisation working their socks off – is to be open and transparent about it and share the information maybe earlier than people are used to, so we can warn our customers and protect them.”

Here you can write a commentary on the recording "TalkTalk Attack Shows Firms Have No Place to Hide From Hackers".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site