The TalkTalk Hack: What You Need to Know
This article was submitted by Cassie Phillips from SecureThoughts, an online security information portal.
TalkTalk, one of the largest providers of broadband and phone service in the UK, has recently admitted to being the victim of a large cyberattack. For those in the United States or in another country where TalkTalk’s influence isn’t as widespread, it could be considered on the same level as a Verizon or an AT&T data breach.
The First Signs
The company recently released a statement telling its millions of customers that there was a “significant and sustained cyber attack on our website yesterday” (as of 10/22/2015), and, therefore, an investigation is being launched to find the culprits. In the same statement, they similarly warn that the data stolen from consumers could have include addresses, names, dates of birth, account information, and financial information. The rest of the statement mostly consisted of instructions for customers on how to better protect themselves from the results of the cyber attack. Compared to other statements in similar situations, the language appeared to be immediate and worried, showcasing the lack of control TalkTalk had over the situation.
Hackers and other cybercriminals have used a lot less information to steal identities, and now an unknown quantity of the information is likely available on online black markets dedicated to the trading of information as a commodity. In the worst case scenario, there would a strong likelihood that even months down the road victims will be feeling the ripples from this massive cyber attack.
After the First Update
Fortunately, TalkTalk released another statement stating that “This cyber attack was on our website, not our core systems,” meaning that much of the information that could be directly used for identity theft was not fully available to the hackers.
Yet the average TalkTalk customer remained endangered, as the information that was available could still be used in the aid of cyber attacks. Many will find disturbing the fact that their address is available to the highest bidder. The sheer volume of this information means that the culprits will be making a profit on their time and effort if they manage to sell it.
It should be noted that the culprits of these types of attacks rarely use it themselves but sell it to syndicates and fraudsters. Similar processes occur when hackers throw a figurative dragnet over public networks hoping to intercept the information of people not using a VPN.
Later we learned more about the specific data involved, which you can read about here. It wasn’t nearly as bad, but it was still much worse than it needed to be.
Teenagers? Yes, Teenagers.
Fortunately for all of those involved, there have been multiple arrests in connection with the attack. As of the time of this writing, two teenage boys have been arrested and questioned about the attacks, and they have both currently been released on bail. We are still waiting to hear more about the teenagers and their exact involvement in the attacks, but it is setting the media alight with speculation about the security of TalkTalk. If a few teenagers can play an instrumental role in infiltrating one of the largest telecommunications companies in the UK, what else is possible?
The identities of the alleged culprits have both shocked and frightened consumers, although professionals aren’t too surprised (but they aren’t concerned). Unless the teenagers are exceptionally gifted (which is always a possibility), this is a demonstration at the ability of people to find hacking tools and scripts online, and hackers are too often more than willing to share (having hidden malware or other code beneficial to the creator inside the program). We cannot expect this to be the last attack of this nature.
What Could Have Been Done?
In the security community, most of the response has been critical of TalkTalk’s efforts to protect their information inside their servers. Andy Heather, VP of HP Security, comments on the subject that "If data is left unprotected, it's not a matter of 'if' it will be compromised, it's a matter of ‘when.’" Many of the other professional quotes are along the same lines, and there is a clear call to action regarding security protocols in large corporations.
In many cases, the data stolen could have been encrypted inside the servers of TalkTalk, yet for some reason this is not the case. If negligence is shown, this could mean a hefty lawsuit costing TalkTalk a great deal of money on top of the lost goodwill and customers. Who was making the calls regarding security? Could this have been prevented? What changes will be implemented in the future to prevent this kind of situation?
Image courtesy of Maurizio Pesce under CC BY 2.0
Do You Think You Might Be Affected?
If you are a TalkTalk customer who might have been affected by the hack, it is advised that you change your password and any other security identification information that you can. You should note that TalkTalk will never ask you for your full password or bank information unless it is through a pre-arranged appointment. If you are ever suspicious, you should always err on the side of caution. Do not download software or click on links allegedly from TalkTalk that you fear might not be safe. Again, err on the side of caution. You may wish to visit TalkTalk’s website set up in response to this crisis.
This entire situation only shows consumers that cybersecurity is a complex issue that not even the industry giants have locked down. Alternatively and perhaps more disturbingly, it could show that the industry giants will put profit ahead of protecting their customers. Either way, the relationship between broadband giants and consumers is broken, and consumers feel the increasing need to take security into their own hands.
About SecureThoughts: Secure Thoughts is the leading technology security information portal on the web. We’ve helped major players in tech industry, such as Google, Microsoft, and Apple, ensure their technology is safe and their users are protected.[website].
Most Recent Articles
You Might Be Interested in Reading These Articles
Google has introduced new rules about how mobile app developers and companies deal with customer impact on apps across the board. What is it?
The new regulations call for increased transparency with regards to how apps make use of customer data. Developers need to ensure that the way they handle user data - from how they collect it to what it might be used for - is perfectly clear to all users. In Google’s words, developers must “limit the use of the data to the description in the disclosure”. In layman’s terms, this means that data use and privacy policies need to be clearly visible on app descriptions in the Google Play store, and not simply within the app itself.
Published on October 10, 2017
To show Apple a flaw in their environment, a team of University researchers created a malware app and uploaded it to the App Store. This malware can steal passwords from installed apps, email clients, and Google's Chrome web browser. By exploiting this flaw, hackers can bypass the App Store security check using this hacking app.
Published on July 28, 2015
With APIs (Application Programming Interfaces) becoming a crucial factor in any web or mobile application, security feels more like a journey than a destination. Of all the constituents that encompass an application, API gateway offers easy access points for a hacker to break in and steal your data. A single error in API can cause immense problems for any organization using your API.
Published on November 22, 2016