TalkTalk Hack Highlights the Risks Posed By Script Kiddies
The news that a 17-year old boy has admitted to last year’s hacking of TalkTalk highlights the risks posed by young hackers often referred to as script kiddies.
Much of the media’s attention is often focussed on organised crime groups and state sponsored actors, but very rarely mention one of the fastest growing threat areas. With the ability to download malicious software off of the internet being made easier by the proliferation of the online criminal marketplace, many teenagers interested in hacking can increasingly purchase the tools needed to perform attacks.
In the case of the TalkTalk breach, the hacker in question claimed to the courts that he was ‘just showing off’ to his mates. That act of showing off resulted in TalkTalk losing a huge amount of sensitive data, including customer private data, as well as suffering significant reputational damage. The company was fined a record £400,000 for security failings and have claimed that the breach cost them £42 million.
‘I didn’t think of the consequences at the time. I was just showing off to my mates. It was a passion, not any more. I won’t let it happen again. I have grown up,’ the boy told magistrates. Six other people were arrested in connection with the attack.
What is a Script Kiddie?
A script kiddie is a generic term used to describe a hacker who has little real technical skills. Instead they use scripts or programs created by more experienced and skilled hackers. Their motivation is often simply to gain the attention of their peers or to just show off.
Due to the increased availability and capability of online tools, quite often inexperienced hackers can use these tools without considering the consequences. Simply pleading ignorance of online laws may not be enough to save them from getting a criminal record.
Education and raising awareness is crucial for this and should seek to convince fledgling script kiddies to use their skills in a positive way (i.e. become a ‘White Hat’) rather than for damaging or illegal purposes (i.e. a Black Hat).
PGI Aims to Close the Skills Gap
PGI aims to be a major contributor in the struggle to close the skills gap in the cyber security sector.
At our state of the art Cyber Academy based in Bristol, we provide an immersive technical environment to educate people to become the next generation of cybersecurity professionals.
To help encourage students into the field of cyber security we are offering students an exclusive 50% off voucher for three of our GCHQ Certified Training courses that you can redeem over the next 12 months. For more details click - http://bit.ly/2dUFMHU
Your free global geopolitical
PGI’s Risk Portal tool provides daily intelligence feeds, country threat assessments and analytical insights, enabling clients to track, understand and navigate geopolitical threats.
The Risk Portal gives users up-to-date information and analysis on global affairs.
The Risk Portal allows users to visualise information in a unique and instantly understandable way. Mapping filters enable the visualisation of incidents by threat category, time period, perpetrator and target type.
Risk Portal users can upgrade their accounts to include the Report Builder and Country Profile Generator features. The Report Builder allows users to select information, data and images from the Risk Portal and create bespoke reports and emails.
Subscribers to PGI’s Bespoke services receive tailored analysis on specific sectors and geographies of interest, delivered at a frequency they determine.
Subscribe to our Cyber Bytes Newsletter
Keep yourself in the loop with PGI by signing up to our Monthly Cyber Bytes email. You will receive updates, tips and narrative around what has been happening in the world of information security.