Reports that AT&T’s accounts system has been hacked – and the data used to make $2 million-worth of calls to premium rate numbers – should act as a wake-up call for IT security professionals everywhere.
The reason is that terrorists are reported to have funded the four men arrested in the Philippines in connection with the hack.
Although details of the database hack are still emerging, it seems that the hackers used the information harvested from AT&T’s servers to attack client telecoms computer systems, and so generate the revenue-producing calls.
What I find incredibly worrying is that a terrorist group is reported to have funded the hack. This is one of the first times that terrorists have been directly linked to hackers and it is of great concern – especially since their activities reportedly date back to 2009.
IT security professionals have known for some time that well-executed cybercrime can generate big money for those involved, but – to date at least – the cybercriminal gangs have been stereotypical East European criminals who spent their money on drugs and fast cars.
But here we appear to have direct evidence that terrorists are funding cybercriminal activities, presumably in order to generate illegal profits to plough back into their politically motivated crimes.
The bad news here is that these crimes often involve physical damage to property and – perhaps worse – people. Money is a replaceable item, but people’s lives are a far more precious commodity.
And this is no tenuous link, as the New York Times report on the arrests says that the four men were working with a terrorist group that has been linked to Al Qaeda – and known to be responsible for the 2002 bombings in Bali. Those terrible bombings killed more than 200 people.
As the full details of this hack emerge, I suspect we shall find that the terrorist-financed hackers used relatively simple methodologies to gain unauthorised access to AT&T’s systems.
My first reaction is that they probably gained access to an account which allowed them access to some – or all – client credentials. I also suspect that simple privileged account management could have helped to prevent this crime from taking place.
Whilst it’s good to hear that AT&T has soaked up the reported $2 million financial losses, this sizeable sum could have found its way into criminal and possibly terrorist pockets. This is why this saga needs to act as a wake-up call to all security professionals on the need to raise the bar on cybersecurity.