Hack of Polish Telco Mixes Crime with Politics

Netia, Poland’s second largest telco, was breached recently. The attack resulted in 14GB of data being dumped online, including the personal details of customers. The news was confirmed by a statement from Netia admitting the compromise of messages sent via two contact forms on their netia.pl website, although they insisted that passwords and log-ins to their self-service portal had not been exposed. Netia responded to the breach by giving customers advice in the form of a downloadable Word document (in Polish).

So far, so commonplace, though I might not have responded to a security failure by asking customers to download something over the internet. Telcos are the targets of criminals just like any other big business with an online presence. Weaknesses in web contact forms have been exploited before, which makes it regrettable that some big telcos remain vulnerable. What made this attack different from the norm is that it also had a political dimension. Links to the leaked data were tweeted from an account registered using the name Pravy Sektor, a right-wing Ukrainian political party. Pravy Sektor denied any involvement with the hackers and said the Twitter account had been faked to look like theirs.

A very informative article on Motherboard analyzed the activities of the Twitter account and found it was mostly used to push garbage. The hacked data dump from Netia has been followed by a series of other apparently ‘hacked’ documents that are probably fake. These documents cover a variety of topics including the NSA’s PRISM surveillance program and files supposedly obtained from an Armenian embassy. It seems the hackers – or whoever created these social media accounts – have used the Netia hack to lend credibility to a hodgepodge of bogus revelations, all with a political angle. You can read the Motherboard article here.

Often we think of telcos as needing to protect themselves from the direct financial losses that result from crime, but this incident shows the motivations of cyber attackers are very varied. Even relatively minor security weaknesses may be exploited by hackers just to get publicity for themselves and for their cause. But telcos still lose when they fall victim to these hacks, because of the damage to their reputation and the cost of reassuring customers.

Eric Priezkalns
Eric is a recognized expert on communications risk and assurance. He was Director of Risk Management for Qatar Telecom and has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and others. Eric was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He was a founding member of Qatar's National Committee for Internet Safety and the first leader of the TM Forum's Enterprise Risk Management team. Eric currently sits on the committee of the Risk & Assurance Group, and is an editorial advisor to Black Swan. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy. Commsrisk is edited by Eric.