Monday 24 June 2013

Yet more hackers?

In the Daily Mail Littlejohn says:
 "Law firms, telecoms giants and insurance companies all hired criminals to harvest sensitive, confidential information. One of the country’s most prolific hackers, a private investigator, admitted that 80 per cent of his work was carried out on behalf of lawyers, wealthy individuals and insurers.
Other clients of hackers included a household name who broadcasts to millions of people every week; another celebrity who paid a firm to hack into an employee’s computer; and a businessman who wanted to obtain intelligence on rivals involved in a £500 million takeover bid.
Investigators routinely obtained everything from bank and credit card statements to itemised mobile phone bills"

This was following on from a report in the Independent that alleges that a suppressed official report accuses respected industries of hiring criminals to steal rivals’ secrets. Yet an official report into their practices has been suppressed.

An interesting part of the hacking process in the operation "Blaggers" who obtain key information that may be used in itself or facilitate the hacking of another system. This is referred to on the Information Commissioners Office website - Reports to Parliament. the May  report bring up an interesting list.

"Following the report the Information Commissioner received a request under the Freedom of Information Act 2000 for further information about the publications that the 305 journalists were employed by and a breakdown of their activity. After considering the relevant exemptions information which did not identify the journalists or the publications was provided to the requester. Having considered the matter further the Information Commissioner has decided that a further disclosure is in the public interest and in the context of a special report to Parliament is consistent with the discharge of his functions under the Data Protection Act 1998. The following table shows the publications identified from documentation seized during the Operation Motorman investigation, how many transactions each publication was positively identified as being involved in and how many of their journalists (or clients acting on their behalf) were using these services".

Interestingly on the top of the list was the Daily Mail, with a reported 952 transactions and 58 journalists/clients.

It seems that illegal practices identified by Soca investigators went beyond the simple crime of voicemail hacking (see previous blog - Phone "Hacking" or Opportunistic Access? ) and included live phone interceptions, police corruption, computer hacking and perverting the course of justice.

GCHQ may gather 39 billion separate pieces of information, but how do you find the bit you might want? One should probably concerned about who could access that data.  

The trouble with access points is that once they are there, unless there is some kind of physical switch to isolate them, they may be vulnerable to unwanted access. Who also might be able to access the probes that GCHQ has placed on more than 200 transatlantic cables?

The other problem with people owning .com names is that the USA could claim that any traffic must be routed by way of the USA. See Extradition .com ‘wire fraud’ - Who next for extradition? 

The problem has been around for some time though - See Hackers’ ancient and modern blog post. There is a bit more about this sort of stuff in my book "Cold Suspenders". There are different types of suspender, and none of them hold stockings up.

No comments:

Post a Comment