Hack of Polish Telco Mixes Crime with Politics

Netia, Poland’s second largest telco, was breached recently. The attack resulted in 14GB of data being dumped online, including the personal details of customers. The news was confirmed by a statement from Netia admitting the compromise of messages sent via two contact forms on their netia.pl website, although they insisted that passwords and log-ins to their self-service portal had not been exposed. Netia responded to the breach by giving customers advice in the form of a downloadable Word document (in Polish).

So far, so commonplace, though I might not have responded to a security failure by asking customers to download something over the internet. Telcos are the targets of criminals just like any other big business with an online presence. Weaknesses in web contact forms have been exploited before, which makes it regrettable that some big telcos remain vulnerable. What made this attack different from the norm is that the attackers also had a political dimension. Links to the leaked data were tweeted from an account registered using the name Pravy Sektor, a right-wing Ukrainian political party. Pravy Sektor denied any involvement with the hackers and said the Twitter account had been faked to look like theirs.

A very informative article on Motherboard analyzed the activities of the Twitter account and found it was mostly used to push garbage. The hacked data dump from Netia has been followed by a series of other apparently ‘hacked’ documents that are probably fake. These documents cover a variety of topics including the NSA’s PRISM surveillance program and files supposedly obtained from an Armenian embassy. It seems the hackers – or whoever created these social media accounts – have used the Netia hack to lend credibility to a hodgepodge of bogus revelations, all with a political angle. You can read the Motherboard article here.

Often we think of telcos as needing to protect themselves from the direct financial losses that result from crime, but this incident shows the motivations of cyber attackers are very varied. Even relatively minor security weaknesses may be exploited by hackers just to get publicity for themselves and for their cause. But telcos still lose when they fall victim to these hacks, because of the damage to their reputation and the cost of reassuring customers.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.