Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

NBN provider one of many cyber breaches

Police have flagged more arrests over one of Australia's biggest online hacking attacks

Police have flagged more arrests over one of Australia's biggest online hacking attacks, which they say could escalate to companies overseas.

But the company targeted by the attack warned it could have been much worse if the National Broadband Network (NBN) provider had failed to detect the man who had accessed the company's computer systems for months.

Platform Networks managing director, David Hooton, said on Wednesday it detected a breach of its systems back in December.

"We believe that as a result of our actions in this instance we have assisted the AFP (Australian Federal Police) in securing a fairly large number of other organisations that may or may not have been affected," Hooton told AAP.

"We are not being individually singled out in this. We just happen to be one of the affected organisations in the entire thing."

David Cecil, an unemployed truck driver, who allegedly gave himself the online nickname Evil, has been charged with the nation's biggest hacking attack, police say.

In Orange Local Court on Wednesday, it was alleged the 25-year-old Cowra man had control of Platform Networks' entire system for six weeks.

Cecil was charged with one count of an unauthorised change of data and 49 counts of accessing restricted data over his alleged incursions into Platform Networks.

It is alleged he is a self-taught hacker who acted alone, spending up to 20 hours a day on his home computer.

Operation Damara kicked off in January when AFP officers began looking at hacking crimes of Sydney University's website and several Melbourne businesses.

AFP High Tech Crime Operations manager Grant Edwards said Damara was far from over.

"It is likely that further charges will follow and there is the potential that others will also be arrested," Edwards told reporters in Canberra on Wednesday.

"And the operation actually now relates to a number of unauthorised accesses and modifications to a number of companies both within Australia and overseas."

Hooton said Platform detected the original breach within 48 hours, duplicated the affected systems and then quarantined or "isoantibodies" them so the hacker did not know the AFP was monitoring their activity.

"From our perspective at the moment, we don't believe there's been any serious actual compromise of information," he said.

Hooton declined to comment as to why someone would target Platform.

A spokesman for NBN Co Limited, the company tasked with rolling out the national broadband network, said Platform Networks was not yet offering services over the NBN.

"The national broadband network was not affected by this incident," the spokesman said in a statement.

Dr Asha Rao, RMIT University lecturer of information security, said people with no technical experience needed only a computer and the devotion to wreak havoc.

"All the tools are available. It's just a Doodle search away," Rao told AAP on Wednesday.

"It's not hard, it just takes a lot of time. You need to basically not have a life."

Companies deploy layer upon layer of security with the hope of catching hackers before they get well inside the systems, she said.

But there is only one way to completely protect personal or company computing systems.

"You can never make your computer 100 per cent secure, that's not possible," Rao said.

"It's like a car. If you wanted a fully secure car, it would have to be built like a tank and go at five kilometres an hour.

"We don't want that, we don't want a computer that is very slow.

"And they say a fully secure computer is one which is not connected to the internet and is switched off."

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: AAP, Australian Federal Police, etwork, Federal Police, MIT, Orange, RMIT

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: hacking, National Broadband Network (NBN), NBN, networking, platform networks, security, security breach
Latest Blog Posts
Whitepapers
  • The mobile print enterprise - How IT consumerisaton is driving anytime, anywhere printing
    The widespread adoption of smartphones and tablets, across Android, BlackBerry and Apple iOS platforms, has broadened the effectiveness of professional workers to remotely support business requirements. A continued reliance on printing amongst many businesses means IT must provide enterprise mobile printing capabilities that are secure and reliable. This not only ensures employees remain productive but also allows mobile printing to be tracked and controlled – vital in an era when many businesses face financial, environmental and security concerns. Read more.
    Learn more »
  • Managing Trust - Data protection and compliance for financial services
    If it’s becoming something of a cliché that the financial services industry is one of the world’s most heavily regulated, that’s largely because it’s true. Data retention and archiving, authentication and authorisation, data loss prevention and privacy regulations compete with demands for transparency and accountability, while market imperatives calling for multiple service channels delivered over a broad spread of technologies add to the pressure. Read on.
    Learn more »
  • Eight threats your antivirus won’t stop - Why you need endpoint security
    News headlines are a constant reminder that malware attacks and data loss are on the rise. High-profile incidents that make big news might seem out of the ordinary. Yet businesses of every size face similar risks in the everyday acts of using digital technology and the Internet for legitimate purposes. This paper outlines eight common threats that traditional antivirus alone won’t stop, and explains how to protect your organisation using endpoint security.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments