tip off

ABC hack attack: online security is getting worse

Hacking is getting easier, and any criminal with a cause — or even without one — can now bring down companies’ websites and access users’ personal information. The latest victim is the ABC.

There’s nothing special about yesterday’s hack of an ABC website. But that’s precisely why it heralds a future where any organisation can be a target, along with any individuals connected with it. Things are going to get worse.

What we have here is a routine random hacktivist strike against a target of opportunity vaguely connected with the cause of his or her ire, with the exposure of innocent bystanders’ personal data as collateral damage. It just got more media coverage because it happened on the journalists’ own patch.

The random hacktivist was Phr0zenMyst, who claimed responsibility via Twitter. The cause of Phr0zenMyst’s ire was Lateline’s interview with Dutch ultra-nationalist politician Geert Wilders. While Phr0zenMyst’s tweets use the hashtag #OpWilders, which is Anonymous’ label for its ongoing protest against Wilders, the operators of Twitter accounts usually associated with Anonymous are distancing themselves from this one.

The target was the website for the ABC TV series Making Australia Happy. The hacker stole its core database with information on nearly 50,000 audience members who’d registered to comment, and published it online. The data included user ID, nickname as displayed on the site, a hashed version of passwords, age, gender, email address, postcode and the internet (IP) address of the computer at the time users registered.

One key issue here is the hashed passwords. Password hashing is meant to help prevent the actual password being discovered following data breaches like this. But as Microsoft security researcher Troy Hunt soon discovered, the password hashing was done badly. He was able to crack 53% of the passwords in just 45 seconds. Criminals can and doubtlessly will do the same, and they’ll try using the same password to access any other accounts associated with the same user ID or email address.

But again, this is nothing new. So let’s step back.

The problem with Anonymous is that it’s like a bloke with a hammer forever wandering around looking for nails,” I wrote last July. At the time, Anonymous had hacked random Queensland government websites in protest against the federal government’s plans for ISP data retention.

Since then, things have gotten worse. We’ve got more people like Phr0zenMyst joining the bandwagon without necessarily bothering to understand the subtleties of political activism. Hacking a website is one thing, but immediately dumping the stolen data into a public website to make victims of 50,000 people completely unrelated to your cause is quite another.

The tools used for these hacks are easily obtained, just like anyone can go to a hardware store and buy a crowbar to jemmy open a window, and they’re getting easier to use. Anonymous, with the mystique of secrecy and Guy Fawkes masks — well, Warner Bros Guy Fawkes masks, there’s an irony! — has made hacktivism cool. And web developers don’t seem to be getting any better at security.

Yes, things are going to get worse.

3
  • 1
    Shaniq'ua Shardonn'ay
    Posted Thursday, 28 February 2013 at 1:34 pm | Permalink

    The problem with Anonymous is that it’s like a bloke with a hammer forever wandering around looking for nails” - I’d prefer that to a bloke with a hammer looking to hit me on the head and steal my money. They expose how fragile the defenses on the internet really are.

  • 2
    Chris Williams
    Posted Saturday, 2 March 2013 at 9:09 pm | Permalink

    Geert Wilders is a classic and extreme example of ‘a little bit of knowledge being a dangerous thing.’

    Can there be any doubt that his characterisation of muslim immigration to Scandanavian countries is accurate and a fair representation? He said this in the Dutch Parliament in 2007:

    Islam is the Trojan Horse in Europe. If we do not stop Islamification now, Eurabia and Netherabia will just be a matter of time. One century ago, there were approximately 50 Muslims in the Netherlands. Today, there are about 1 million Muslims in this country. Where will it end? We are heading for the end of European and Dutch civilisation as we know it. Where is our Prime Minister in all this? In reply to my questions in the House he said, without batting an eyelid, that there is no question of our country being Islamified. Now, this reply constituted a historical error as soon as it was uttered. Very many Dutch citizens, Madam Speaker, experience the presence of Islam around them. And I can report that they have had enough of burkas, headscarves, the ritual slaughter of animals, so‑called honour revenge, blaring minarets, female circumcision, hymen restoration operations, abuse of homosexuals, Turkish and Arabic on the buses and trains as well as on town hall leaflets, halal meat at grocery shops and department stores, Sharia exams, the Finance Minister’s Sharia mortgages, and the enormous overrepresentation of Muslims in the area of crime, including Moroccan street terrorists.”

    Yet stupidly, this man who does no more than articulate the understandable fears of any country being increasingly populated by people from religiously alien culture - which incidentally he has visited and given great praise in their homelands - doesn’t ask why this immigration is happening and idiotically praises the very country - Israel - which is doing everything it can to ensure this immigration to the Netherlands happens as fast as possible.

    Geerts is thus a tragic figure. Not only can he not see which country is behind the Islamisation of the Netherlands he actually praises it as the bulwark of freedom against it. He needs to understand that his Prime Minister is silent because his Prime Minister’s political party is funding handsomely by the B’nai B’rith Anti Defamation League (ADL) and other fronts for Israel which seek immigration to every country of the world other than Israel, as a means for weakening their cultures. And doing so enlisting the support and funding of known gangsters.

    If anyone doubts what I say about the ADL they should read:

    * Robert Friedman “The Jewish Thought Policy : How the Anti-Defamation league Censors Books, Intimidates Librarians and Spies on Citizens”, The Village Voice, 27 July 1993)

    ** Las Vegas Review- Journal (1999). Also Wikipedia: http://en.wikipedia.org/wiki/Moe_Dalitz

  • 3
    Jim Masonic
    Posted Thursday, 7 March 2013 at 6:15 pm | Permalink

    Good to see you writing for Crikey Stil’.

    Cheers from an old 3D Radio buddy ;-) Keep up the good work!

Womens Agenda

loading...

Smart Company

loading...

StartupSmart

loading...

Property Observer

loading...