On 16 and 21 October 2015 Matthew Hanley hacked the TalkTalk website and stole personal details of over 150,000 customers. This included their full names, postal addresses, telephone numbers, dates of birth and banking details. Hanley handed the data over to Connor Allsopp to sell to Daniel Kelley, who had the intention of committing fraud with the information. Kelley then tried to extort 465 bitcoins (around US$2 million) from Dino Harding – the CEO of the company at the time.
TalkTalk suffered massive losses. The breach cost the company a staggering £77 Million in financial losses, including a fine of £400,000 levied on the company by the Information Commissioner’s Office (ICO) for their failure to carry out fundamental security measures required to prevent a security breach such as this from happening. This is not to mention the implications the attack has on future business for the company. Who wants to subscribe to a vulnerable supplier? The attack also caused severe distress and misery to the people whose confidential information were stolen and then passed on to a third party.
Two individuals of extraordinary talent
The court case took place on Monday, 19 November at Old Bailey where Judge Anuja Dhir presided. The Judge said that it is tragic that the two hackers have such extraordinary talent. During the trial, Matthew Hanley (23), and Connor Allsopp (21) admitted to the crimes against TalkTalk. Until his arrest on October 2015, Hanley was an unwavering hacker – he was fully aware that what he was doing is illegal, and of the risk involved in it. The hacker was sentenced to one year in prison and his associate Allsopp received an eight-month sentence. Described by Judge Dhir as a ‘dedicated hacker’ Hanley’s sentence was longer than Allsop’s who ostensibly played a lesser role in the cybercrime.
Android is great. It’s established a solid reputation when it comes to the wide and varied choices in handsets, reliable hardware, fast charging and a fantastic range of apps. Unfortunately, Android is not that great on all fronts. In fact, when it comes to security updates it’s quite a mess.
The problem with Android updates
There’s no issue with the availability of Android security updates. Even when security patches are rolled out in time, Android device manufacturers often take their time by delivering patches to their customer base. This leaves major parts of the Android ecosystem vulnerable to hackers. To combat this, it is crucial that patches are delivered regularly and on time – which is currently not happening.
What Google is doing about it
In Google’s I/O Developer Conference in May, the company revealed a plan to compel Android device manufacturers to roll out security patches on a regular basis. Later in the year, an unverified copy of Google’s new contract with OEMs was leaked. According to the contract, manufacturers will have to provide regular security updates for popular devices for at least two years. This is defined as all devices that have been launched after 31 January 2018 and have achieved over 100,000 users. The mandate specifies a minimum of four security updates during the first year but fails to specify an amount pertaining to the second year. It also stipulates that patches created for security risks may not be delayed for more than 90 days.
Change is on the horizon
According to a spokesperson from Google, 90 days is a minimum requirement when it comes to security hygiene. It was also stated that the most recently-deployed Android devices are running an update from the last 90 days. Although this ties in with the leaked contract, its authenticity has not been verified. Should it be genuine, the changes made by Google are set to make a profound impact on the state of Android security and be of serious benefit to Android users. In other news, Google has announced a plan to start charging licensing fees to Android OEMs in Europe who want to include Gmail, the Play Store, Maps, Chrome and YouTube on Android handsets.
HolistiCyber Offers Protection Against WannaCry Ransomware
In May 2017 what is believed to be the biggest ransomware campaign yet hit hundreds of companies around the globe. Identified as a variation of WannaCry ransomware, it blocks access to the victim’s computer system and files and demands a payment of as much as US$300 per computer to unblock it. Once a single computer is infected with the ransomware, it searches for other vulnerable computers in the network and infects everything in its path. Because of vulnerabilities in Microsoft products after a Windows exploit was recently hacked from the NSA, the dangerous campaign is spreading at an astounding pace. In only a few hours more than 45,000 computers in at least 74 countries were infected.
Cyber Attacks Could Bring the World to Its Knees
This particular attack affected 16 UK hospitals to such an extent that they had to shut down work. In Spain over 85% of the country’s main telecommunications firm Telefonica was infected. These hackers are turning out to be a powerful global threat. With cyber attacks not only increasing in frequency but also in severity, it is becoming clear that significant investments in cyber defence technologies should be made. End-to-end holistic cyber security solutions have to be implemented to ensure safety from this massive threat.
World-Class Cyber Protection
HolistiCyber delivers integrated defence options with the express aim of keeping clients safe from highly sophisticated hackers. I co-founded the company in 2016 together with brigadier general Ran Shachor and former air force officer Moshe Ishay. All employees are former military intelligence, both Israeli and American. As a company, we focus on developing cyber solutions for advanced protection against cyber attacks on a wide variety of fields including the insurance industry, credit companies and more. Our main markets are the US and Europe. With a comprehensive service portfolio, HolistiCyber is equipped to identify, prevent and neutralize all major security threats.
Security researchers made a worrisome discovery of two major vulnerabilities in chips installed in millions of networking devices and access points around the globe.
Named BleedingBit, the two chip flaws in Bluetooth Low Energy (BLE) chips may allow hackers to run arbitrary code to take complete control of devices that don’t require authentication. This includes point-of-sales and IoT devices and well as critical medical devices such as pacemakers and insulin pumps. The discovery was made by researchers at Armis, an Israel-based security company that was also responsible for recently discovering BlueBorne, a range of Bluetooth-related flaws that affected billions of smartphones, TVs, laptops and watches using Android, Linux, iOS and Windows.
The vulnerabilities unveiled exist in BLE Stack chips manufactured by Texas Instruments and are embedded in a range of their enterprise products, used by companies such as Aruba, Meraki and Cisco. The first flaw affects many of Meraki and Cisco’s Wi-Fi access points. It uses a loophole in how incoming data is analysed by the chips. When excess data is sent to the chip, its memory is corrupted which makes the device vulnerable to malicious code. The second flaw stems from a firmware update done to a feature called Over the Air Firmware Download (OAD). All Aruba access points share the same password to this feature which can easily be obtained by hackers through sniffing a legitimate update or by reverse-engineering the Aruba BLE firmware. A malicious update can then simply be delivered to the access point and full control can be gained.
After making the discovery, Armis reported it to all vendors and duly assisted companies with rolling out updates that address the issues. Texas Instruments confirmed the flaws and subsequently released security patches to affected companies. Cisco, Meraki (owned by Cisco) and Aruba released security patches for the hardware and announced that they are not aware of anybody exploiting these vulnerabilities.
Cybercriminals never take breaks and never waste an opportunity to steal sensitive data from unsuspecting companies. British Airways doesn’t look like an easy target, but apparently, their defensive mechanisms were not enough to prevent hackers from stealing customer data from their website. The company has confirmed the fact that as many as 380,000 customers had their personal details and credit card numbers exposed during the data breach.
15 Days of Cyber-Insecurity for British Airways
The attack started on August 21 and customers who have booked their flights on the company’s website and through its mobile app were affected. British Airways has advised them to get in touch with their banks and take the necessary measures to protect themselves. The hackers got their hands on the names, addresses and financial information belonging to the victims. According to a British Airways spokesperson, they were not able to get the travel details and passport numbers.
Furthermore, the company has reassured customers that the payment methods saved on its website are still secure. Essentially, the hackers only got the information from the credit cards used during those two weeks of mayhem. British Airways didn’t provide information about how the hackers were able to create the breach, but went to great lengths to reassure customers that they are no longer in danger. Meanwhile, the National Crime Agency is working to assess the best course of action.
Now that the vulnerability has been resolved, British Airways clients were reassured that they can access the site and buy tickets securely. This is not the first time an airline is attacked by hackers this summer, as this incident comes just a few weeks after Air Canada suffered a major data breach. In that attack, more than 20,000 customers using the company’s mobile app had travel and passport details exposed.
Shimon Sheves truly embodies the adage, “Think Global, Act Local”. He is deeply passionate about his homeland of Israel and works tirelessly to support his community. Sheves is also the founder and chairman of HolistiCyber company that provides nation-state level cyber protection.