Quattro arrestati per attacchi informatici su M&S, Co-op e Harrods
https://www.independent.co.uk/news/uk/crime/marks-spencer-co-op-harrods-cyber-attack-hacking-arrests-b2786371.html
di ConsciousStop
Quattro arrestati per attacchi informatici su M&S, Co-op e Harrods
https://www.independent.co.uk/news/uk/crime/marks-spencer-co-op-harrods-cyber-attack-hacking-arrests-b2786371.html
di ConsciousStop
8 commenti
Damn; M&S, COOP and Harrods got hacked by some teenage script kiddies?
> Three teenagers and a young woman have been arrested as part of an investigation into cyber attacks targeting Marks & Spencer, Co-op and Harrods.
>
> The National Crime Agency (NCA) said four people were arrested early on Thursday morning on suspicion of blackmail, money laundering, offences linked to the Computer Misuse Act and participating in the activities of an organised crime group.
>
> The arrests included a 17-year-old British man from the West Midlands, 19-year-old Latvian man from the West Midlands, 19-year-old British man from London and 20-year-old British woman from Staffordshire.
>
> All four were arrested from their home addresses and remain in custody.
>
> It comes after investigations by NCA into attacks against the three retailers, where hackers sought ransom payments after breaking into their IT systems.
>
> Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “Since these attacks took place, specialist NCA cybercrime investigators have been working at pace and the investigation remains one of the agency’s highest priorities.
>
> “Today’s arrests are a significant step in that investigation but our work continues, alongside partners in the UK and overseas, to ensure those responsible are identified and brought to justice.”
I was expecting a devious and complex criminal organisation to be behind this that would have required a full investigation by James Bond and Miss Moneypenny, requiring travel to Thailand, Laos followed by a stealth glider infiltration of a former Soviet radar base in Siberia .
But what we got was this.
Not looking to hack anything, but I’d seriously love to know how they learned their craft if they’re doing this in their late teens.
I assume they will also be arresting the CEOs of these multi million pound organisations for not vetting their supply chain properly, exposing their customers to fraud, impersonation, and data protection breaches through woeful security, resilience, compliance, training, transparency, and sustainability practices that even the most basically trained web developer could have identified in an audit. Not to mention the fact that exposing spending habits of citizens to potential unfriendly foreign powers is a national security risk.
… nope? We’re going to sweep it under the rug and pity party those poor wealthy folk who lost money.
I’d argue those kids deserve a bug bounty and an award for exposing the tip of the criminal iceberg going on in British business. Because it’s very clear most retail (and many online) organisations don’t give two shits about your security or this country.
If they did it and they go to prison, part of their sentence should be training cybersecurity / NCA new recruits about how to avoid hacking under very close supervision.
What they did is bad but it’s equally embarrassing for the U.K. if this turns out to be just four self trained hackers wreaking havoc on multi billion pound businesses. If these lot can do it, imagine what other hostile government backed nations can do?
It’s time to invest in our cybersecurity not just for businesses but for the government too.
If you are smart enough to hack a large organisation, why aren’t you smart enough to cover your tracks?
> happened earlier this year.
The arrests included a 17-year-old British man from the West Midlands, 19-year-old Latvian man from the West Midlands, 19-year-old British man from London and 20-year-old British woman from Staffordshire.
Will they be punished severely? They are young. Are cyber laws strict in the UK like in the USA? Kevin Mitnick was punished pretty hard.