TalkTalk cyber attack: Hacking tools open up crime to anyone
The growth of the market in hacking tools has allowed a new broad base of 'unskilled, entry-level' cyber criminals
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.The huge scale of theft of personal records from industry and governments led to 2014 being described as the “Year of the Data Breach”. An estimated 3.4 billion records have been lost worldwide since 2013, according to an industry database tracking the trend. But if the scale of the loss is hard to fathom, the motives and identity of the suspects behind them can be harder still.
The line that previously divided hacktivists, criminals and outsourced, state-led efforts at espionage have become blurred, a report by the European police agency said last month. Criminals are increasingly adopting the long-term tactics of highly skilled, highly motivated groups often charged by a state to break into critical systems of rival nations and steal information. “Even though cyber sabotages have been infrequent so far, attacks on critical infrastructures are a threat that is here to stay,” said Europol.
When Russia invaded Georgia in 2008, patriotic hackers were given the technological tools to carry out cyber-attacks to back the military efforts, according to analysts; similar attacks were used against Ukraine six years later. The covert state activity led one academic to liken the hackers to the privateer ships in the Elizabethan era sent off to attack treasure ships of enemy nations.
Europol said there was a blurring of the lines between groups who broke into critical infrastructure systems to steal information and profit-driven cyber criminals – “with both camps borrowing tools, techniques and methodologies from each other’s portfolios”.
Cyber crime remains a growth industry and data is one of the most sought-after prizes; the majority of malware [malicious software] created by criminal technologists is designed to obtain it. The theft of information leads to secondary crimes of fraud and extortion.
The clumsily worded statement that followed the cyber-attack on TalkTalk led one security analyst to scoff that the claim of responsibility appeared to have come via Google Translate.
But the online release gave few clues to suggest whether “The Web of Haram” was a jihadist-inspired attack, a cover for a Russian-backed attempt to create economic mischief, or the work of a disaffected schoolboy operating from his bedroom.
The growth of the market in hacking tools has allowed a new broad base of “unskilled, entry-level” cyber criminals to launch attacks on a scale way beyond their own technical ability.
Partly because of this, companies have come to see data breaches as inevitable, and the response of organisations affected is crucial. The repeated and continuing failure of TalkTalk to encrypt the personal data of its customers suggests that its response has fallen badly short.
Have you been affected by the TalkTalk cyber attack? Email us at talktalk@independent.co.uk or tweet us @Independent to tell us your story