TalkTalk ransom demand: How do you sort mischief from malice?

Hackers demanding ransom for consumer financial information stolen from the UK company TalkTalk is just the latest in this year's high-profile hackings.

Stefan Wermuth/Reuters
A man walks into a TalkTalk building in London, Britain, where a 'significant and sustained' cyber attack could involve the theft of private data from all of the broadband supplier's more than 4 million customers. The identity – and therefore the intent and legal responsibility – for cyber attacks is difficult to trace.

A mass of confidential information has been stolen and released online, those immediately affected are upset, and the government is trying without success to bring the perpetrator to justice.

Whether the information released endangers diplomatic relations, customers' banking security, or a reality TV star's marriage, the tools to track and punish the hackers are about the same.  

"We're living in a world where we can’t easily tell the difference between a couple of guys in a basement apartment and the North Korean government with an estimated $10 billion military budget," security expert Bruce Schneier wrote for The Christian Science Monitor. "Everyone from lone hackers to criminals to hypothetical cyberterrorists to nations' spies and soldiers are using the same tools and the same tactics."

The UK company TalkTalk, an internet, TV, and mobile provider is the most recent victim of an unknown hacker or group of hackers. TalkTalk said Wednesday that an attack had breached its cyber security defenses, but it remains unclear how much consumer data – including bank information, names, and email addresses – hackers could have stolen and decoded.

TalkTalk CEO Dido Harding said the current assumption is that "all of our customer's personal financial information has been accessed." 

The cyberattack occurred on Wednesday, but on Friday came a new twist: Ms. Harding received a ransom note.

The sender claimed to be the hacker behind Wednesday's attack and asked for money. Harding says she has no way of knowing whether the sender is the real hacker or an opportunist.

One week ago, a Twitter user claiming to be a high school student said he or she had hacked CIA Director John Brennan's application for security clearance, The Christian Science Monitor reported. The hacker cited opposition to US foreign policy and support for Palestinians as motivations for the act.

Unless an idealistic digital enthusiast or an official representative of a sitting government wants to admit the deed, assigning blame and aportioning punishment for cyber attacks is difficult. The only "government" that seems to like regularly confessing to covert attacks is ISIS, and nobody has diplomatic relations with them anyway.

Government officials do not currently have a unified policy on how to name, much less prosecute, hacking incursions. The director of national intelligence, James R. Clapper Jr., said a recent hacking of 5.6 million Americans' fingerprints by the Chinese was not a cyber "attack" because they were foreigners who wanted to spy on, not destroy the data, The New York Times reported, making it an act of espionage, not theft.

Some people would like to change that. Business leaders have taken advantage of the TalkTalk hacking to note that while only major hacker attacks make the news, they constantly harass businesses, the BBC reported. Data theft should be given the same investigative priority as physical theft, said Oliver Parry, an advisor to the Institute of Directors, to police.

Former UK home office minister Hazel Blears said the TalkTalk breach should provide an impetus for discussions about more regulation.

"This is probably the biggest threat to our economy," she told The BBC. 

of stories this month > Get unlimited stories
You've read  of  free articles. Subscribe to continue.

Unlimited digital access $11/month.

Get unlimited Monitor journalism.