The TalkTalk Hack: What You Need to Know
This article was submitted by Cassie Phillips from SecureThoughts, an online security information portal.
TalkTalk, one of the largest providers of broadband and phone service in the UK, has recently admitted to being the victim of a large cyberattack. For those in the United States or in another country where TalkTalk’s influence isn’t as widespread, it could be considered on the same level as a Verizon or an AT&T data breach.
The First Signs
The company recently released a statement telling its millions of customers that there was a “significant and sustained cyber attack on our website yesterday” (as of 10/22/2015), and, therefore, an investigation is being launched to find the culprits. In the same statement, they similarly warn that the data stolen from consumers could have include addresses, names, dates of birth, account information, and financial information. The rest of the statement mostly consisted of instructions for customers on how to better protect themselves from the results of the cyber attack. Compared to other statements in similar situations, the language appeared to be immediate and worried, showcasing the lack of control TalkTalk had over the situation.
Hackers and other cybercriminals have used a lot less information to steal identities, and now an unknown quantity of the information is likely available on online black markets dedicated to the trading of information as a commodity. In the worst case scenario, there would a strong likelihood that even months down the road victims will be feeling the ripples from this massive cyber attack.
After the First Update
Fortunately, TalkTalk released another statement stating that “This cyber attack was on our website, not our core systems,” meaning that much of the information that could be directly used for identity theft was not fully available to the hackers.
Yet the average TalkTalk customer remained endangered, as the information that was available could still be used in the aid of cyber attacks. Many will find disturbing the fact that their address is available to the highest bidder. The sheer volume of this information means that the culprits will be making a profit on their time and effort if they manage to sell it.
It should be noted that the culprits of these types of attacks rarely use it themselves but sell it to syndicates and fraudsters. Similar processes occur when hackers throw a figurative dragnet over public networks hoping to intercept the information of people not using a VPN.
Later we learned more about the specific data involved, which you can read about here. It wasn’t nearly as bad, but it was still much worse than it needed to be.
Teenagers? Yes, Teenagers.
Fortunately for all of those involved, there have been multiple arrests in connection with the attack. As of the time of this writing, two teenage boys have been arrested and questioned about the attacks, and they have both currently been released on bail. We are still waiting to hear more about the teenagers and their exact involvement in the attacks, but it is setting the media alight with speculation about the security of TalkTalk. If a few teenagers can play an instrumental role in infiltrating one of the largest telecommunications companies in the UK, what else is possible?
The identities of the alleged culprits have both shocked and frightened consumers, although professionals aren’t too surprised (but they aren’t concerned). Unless the teenagers are exceptionally gifted (which is always a possibility), this is a demonstration at the ability of people to find hacking tools and scripts online, and hackers are too often more than willing to share (having hidden malware or other code beneficial to the creator inside the program). We cannot expect this to be the last attack of this nature.
What Could Have Been Done?
In the security community, most of the response has been critical of TalkTalk’s efforts to protect their information inside their servers. Andy Heather, VP of HP Security, comments on the subject that "If data is left unprotected, it's not a matter of 'if' it will be compromised, it's a matter of ‘when.’" Many of the other professional quotes are along the same lines, and there is a clear call to action regarding security protocols in large corporations.
In many cases, the data stolen could have been encrypted inside the servers of TalkTalk, yet for some reason this is not the case. If negligence is shown, this could mean a hefty lawsuit costing TalkTalk a great deal of money on top of the lost goodwill and customers. Who was making the calls regarding security? Could this have been prevented? What changes will be implemented in the future to prevent this kind of situation?
Image courtesy of Maurizio Pesce under CC BY 2.0
Do You Think You Might Be Affected?
If you are a TalkTalk customer who might have been affected by the hack, it is advised that you change your password and any other security identification information that you can. You should note that TalkTalk will never ask you for your full password or bank information unless it is through a pre-arranged appointment. If you are ever suspicious, you should always err on the side of caution. Do not download software or click on links allegedly from TalkTalk that you fear might not be safe. Again, err on the side of caution. You may wish to visit TalkTalk’s website set up in response to this crisis.
This entire situation only shows consumers that cybersecurity is a complex issue that not even the industry giants have locked down. Alternatively and perhaps more disturbingly, it could show that the industry giants will put profit ahead of protecting their customers. Either way, the relationship between broadband giants and consumers is broken, and consumers feel the increasing need to take security into their own hands.
About SecureThoughts: Secure Thoughts is the leading technology security information portal on the web. We’ve helped major players in tech industry, such as Google, Microsoft, and Apple, ensure their technology is safe and their users are protected.[website].
Most Recent Articles
- From State Machine to Stateless Microservice
- Entangled ways of product development in the area of cybersecurity #3 - LogMan.io
- Entangled ways of product development in the area of cybersecurity #2 - BitSwan
- Entangled ways of product development in the area of cybersecurity #1 - Asynchronous or parallel?
- State machine miracle
You Might Be Interested in Reading These Articles
We are a security Cat, specializing in mobile application security. You know that. In the last couple of months, we happened to stumble onto another tech domain: Business Intelligence (BI).
Published on December 26, 2014
Mobile are everywhere nowadays and a central part of almost everyone's lives. In fact, we are using them for everything - both for personal and business purposes. From streaming media entertains us on our way to work, to chatting with friends and family, to sending emails at work - mobiles are now effectively computers on the go. According to a study from Cisco, we are using mobile access more and more. And this trend will continue well into the future.
Published on October 25, 2016
Mobile app startup companies are notorious for cutting corners. One of the first things that is cut is security. After all, they have the big guys like Comcast, AT&T, and Verizon to protect mobile users, right? Wrong! All the way down the line. TechCrunch's article about security for mobile devices is an interesting theory on the state of security on the Internet. Although, they do hit the mark in the article about how companies fix the problem after the fact of the security breach.
Published on January 13, 2015