How do you solve a problem like a 15 year old hacker?
27th October 2015
So it looks like the organised, malicious, criminal gang behind the TalkTalk hack is actually a home-grown, 15 year old youth from the comfort of his bedroom.
If indeed it does turn out to be the teen from County Antrim no doubt there will be a huge sigh of relief breathed by the big cheeses at TalkTalk as it is unlikely that their customers’ bank details will have fallen into the hands of shady characters looking to rinse them dry. However, on the flip side it does raise serious concerns about the digital security of some of the UK’s biggest firms. Granted the average 15 year old probably has more digital skills than someone 25 years their senior, but that doesn’t mean that they should be able to hack into an organisation’s data.
Cybercrime is one of the UK’s fastest growing crimes. As we wrote in our blog a few months ago, it's not a case of if you get hacked, but when. Frank Abagnale of Catch Me if You Can fame has warned that every single adult in the UK has already had their online identity stolen and it’s just a matter of time when a cyber-criminal will start using it fraudulently. This is an opportunistic crime as typically most people will notice if the money in their bank accounts starts dwindling or if their credit limits start changing. However, there is a subsection of identity fraud which takes much longer to notice and that’s deceased identity fraud – using the details of someone who has passed away and applying for credit in their name. Consequently, it’s important for any organisation providing credit to screen all applications against lists of deceased data, such as Halo, to identify fraud at the source. Whilst it's unlikely the 15 year old was selling lists of TalkTalk’s deceased customers there are gangs that specialise in this exact practice. And returning to the topic of the 15 year old, as @chrishaigh says on Twitter: if that 15 year old doesn’t pass his IT GCSE there’s no justice!