Light Reading

Is Comcast Ready for Big Hack Attack?

Mari Silbey
2/11/2014
50%
50%

How well would Comcast cope with another security invasion by computer hackers?

In a calculated attack last week, hacking group NullCrew FTS claims to have exploited a known vulnerability in at least 34 Comcast Corp. (Nasdaq: CMCSA, CMCSK) servers throughout the US, potentially gaining access to subscriber payment information and account settings. Comcast said at the time that it had "no evidence to suggest any personal customer information was obtained in this incident."

Others, however, are not so sanguine about Comcast's ability to stave off security threats to its customers. In fact, at least one security expert is recommending that Comcast subscribers change their passwords to protect their accounts from cyber intruders.

"Of course, Comcast should be telling their customers to change their passwords. Even if there was just a chance of a breach, it's still best practice to change your passwords regularly," said cybersecurity analyst Jack Whitsitt. "Any company that is not yet being open with its customers about what's happening with regard to security events is doing themselves a disservice. What is also concerning is that, at least anecdotally, many people don't remember or realize they have an ISP email address and so, if someone were to use theirs, would they even realize it?"

Whitsitt was referring to the fact that all Comcast customers have a master email account, and that this account is used to manage subscriber settings and payment transactions for all cable services. After gaining access to that account, a hacker could use the master email address to share information and control of the account with other parties.

A reporter for ZDNet, Violet Blue, publicly scolded Comcast in a blog post late Sunday night for not being more aggressive in its response to last week's attack. Blue likened Comcast's response to an attempt by Snapchat to downplay its own battle with hackers just over a month ago.

In addition, Blue pointed out that NullCrew FTS, the group claiming credit for the Comcast attack, also claimed responsibility for a similar assault on BCE Inc. (Bell Canada) (NYSE/Toronto: BCE) two weekends ago. So this may be the start of a hacking campaign against North American broadband service providers.

A Comcast spokesperson insisted, though, that the MSO has matters under control. "We take our customers' privacy and security very seriously," he said in an email response to Light Reading late Monday. "We have aggressively investigated this incident and have found no evidence to suggest any customer information was obtained.”

— Mari Silbey, special to Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
gconnery
50%
50%
gconnery,
User Rank: Light Sabre
2/13/2014 | 1:28:14 AM
Re: Data
Agreed.  Anyone who has followed the details of the recent Target, Neiman Marcus and Michaels hacking is aware of the normal progression...  at first the company minimizes the number of customers that were affected (only in store purchasers and a small number of them at bat) then that number is increased as forensic security goes to work and realizes more about what is going on (well, actually some online customers were affected too and now the total number affected is 3 times the earlier number, but hey its only email addresses and credit cards with no PINs) then more information is discovered and the numbers go up again (sorry that last count was too small, and oh, it looks like the encryption we used wasn't very good so the PINs were probably accessed too).  For Comcast to pretend up front that they know everything is fine when they don't really know anything at all is ridiculous. 


Good post Mari.  People should change their Comcast passwords.  I just did.  Have you paid your Comcast bill online with a credit card?  Pay attention to this story.
Ashu001
100%
0%
Ashu001,
User Rank: Lightning
2/11/2014 | 9:24:34 AM
Re: Data
KBode,

That itself should ring a Bell-That something is very fishy here.

Why is a Company which is usually very Transparent and upfront of its Upgrades,etc ;Staying Silent here?

Definitely merits a closer Look.

Regards

Ashish.
Ashu001
50%
50%
Ashu001,
User Rank: Lightning
2/11/2014 | 9:22:35 AM
Re: Data
kq4ym,

You have illustrated the Conrundrum that the Likes of Comcast has to face here very effectively.

While they do have a fiduciary responsibility towards their Clients to tell them the truth and reality of the situation at hand here they also have to be responsible towards their Owners and Shareholders and not do something which will damage their Brand Image irreperabably.

Its a Difficult Balancing Act to maintain for sure.

Regards

Ashish.
kq4ym
100%
0%
kq4ym,
User Rank: Light Sabre
2/11/2014 | 7:59:28 AM
Re: Data
It did seem a bit curious when Comcast said no infomation was taken from customer data. On one hand, you would think they would be honest enought to provide the truth of the matter, on the other Comcast wants to protect it's brand and image. It will be no surprise though to eventually find that Comcast was not quite correct in it's assessment of the hack.
KBode
50%
50%
KBode,
User Rank: Light Sabre
2/11/2014 | 7:32:11 AM
Data
The problem is I'm not sure Comcast knows if data was obtained. The NullCrew post didn't contain user data, but it explained how to obtain private data for a period of up to 24 hours. Comcast has been great in discussing network upgrades publicly and openly (like DNSSec) but was pretty quiet about this.
Educational Resources
sponsor supplied content
Educational Resources Archive
Flash Poll
From The Founder
Networks of the future will rely on "white box" switches and servers rather than proprietary hardware and that's going to alter the shape of the communications industry. Who says so? John Chambers.
LRTV Custom TV
The Benefits of HyperScale Clouds for NFV

3|27|15   |   01:50   |   (0) comments


Hyperscale cloud has been developed by the Internet giants to support the creation and delivery of software-based services at blistering speeds, and at the lowest possible cost. The original ETSI NFV vision was to adopt hyperscale cloud architecture and practices. This vision has become somewhat obscured along the way, due to misunderstandings about the hyperscale ...
LRTV Huawei Video Resource Center
eLTE Rapid Meets the Need for Speed

3|26|15   |   4:45   |   (0) comments


Designed especially for emergency and dedicated ad hoc local mobile communications coverage, Huawei's eLTE Rapid solution can deliver trunked voice, video and data coverage for multiple users over a 6km range and be set up in just 15 minutes, explains Huawei's Norman Frisch.
LRTV Huawei Video Resource Center
On Videos: Challenges & Opportunities

3|26|15   |   5:56   |   (0) comments


Most everything is now connected. And along with 4K and 4G technologies, everyone could be creating and broadcasting video contents. Users are expecting better video experience with any screen, anywhere and anytime. Operators will meet new challenges, but also see some big opportunities.
LRTV Custom TV
JDSU: Delivering Dynamic Networks for a Personalized Experience

3|26|15   |   5:59   |   (0) comments


Light Reading speaks to JDSU at Mobile World Congress 2015 about new solutions in the areas of HetNets, VoLTE, backhaul, virtualization, big data analytics, and real-time intelligence.
LRTV Custom TV
Smarter Service Chaining & New Ways to Benefit From Qosmos Technology

3|25|15   |   03:11   |   (0) comments


David Le Goff, director of strategic and product marketing at Qosmos, explains how the company has added application awareness to subscriber information to make service chaining more efficient and reduce costs for networking and infrastructure. In addition, Qosmos technology, which has been delivered as C libraries, is now also available as a virtual machine, ...
Between the CEOs
Qosmos CEO: The Changing Face of DPI

3|24|15   |   13:53   |   (0) comments


LR CEO and Founder Steve Saunders sits down with the head of Qosmos to talk about the changing state of the art in deep packet inspection technology, including its role in SDN and NFV architectures. Also, how the comms market is becoming more like the automotive industry.
LRTV Huawei Video Resource Center
FC Schalke Scores With Its Agile Stadium

3|24|15   |   6:23   |   (0) comments


Top German soccer club FC Schalke 04 has deployed a new, agile WiFi network from Huawei in its Veltins-Arena stadium and is reaping the benefits in terms of customer satisfaction and business opportunities, explains marketing chief Alexander Jobst.
LRTV Huawei Video Resource Center
Huawei’s Insights on Mobile Video

3|24|15   |   7:51   |   (0) comments


More people than ever are now watching videos on smartphones. Seventy percent of mobile traffic will be video traffic until 2018. In this video, Huawei's exports give their insights on mobile video in terms of business model, network planning and 4G network construction.
LRTV Documentaries
The Rise of Industry 4.0

3|24|15   |   02:26   |   (9) comments


Are you ready for the fourth industrial revolution? It's a big deal for influential operators such as Deutsche Telekom.
LRTV Huawei Video Resource Center
Getting Connected With eLTE

3|23|15   |   06:04   |   (0) comments


Trunked radio communications have entered the 4G LTE world, and with Huawei's eLTE solution, can now deliver a full range of data and video services as well as push-to-talk voice, explains Huawei's Norman Frisch.
LRTV Huawei Video Resource Center
Funkwerk’s on Track With Huawei

3|19|15   |   3:23   |   (0) comments


GSM-R technology specialist Funkwerk and Huawei have forged a partnership that is benefiting both parties, notes Funkwerk's Gottfried Winter.
LRTV Documentaries
How EANTC Tested Cisco's Virtualization Solutions

3|18|15   |   5:49   |   (0) comments


Carsten Rossenhövel, managing director of independent test lab EANTC, tells Light Reading founder and CEO Steve Saunders about the innovative approach his team had to take when validating Cisco's service provider virtualization and cloud solutions.
Upcoming Live Events
April 14, 2015, The Westin Times Square, New York City, NY
May 5, 2015, Hyatt McCormick Place, Chicago, IL
May 6, 2015, Georgia World Congress, Atlanta, GA
May 12, 2015, Grand Hyatt, Denver, CO
May 13-14, 2015, The Westin Peachtree, Atlanta, GA
June 8, 2015, Chicago, IL
June 9-10, 2015, Chicago, IL
June 9, 2015, Chicago, IL
June 10, 2015, Chicago, IL
September 29-30, 2015, The Westin Grand Müchen, Munich, Germany
All Upcoming Live Events
Infographics
Hot Topics
AT&T Woos SMBs With Small-Scale WiFi
Sarah Thomas, Editorial Operations Director, 3/26/2015
The Rise of Industry 4.0
Ray Le Maistre, Editor-in-chief, 3/24/2015
Google Hires Wall Street's Most Influential Woman as CFO
Dan Jones, Mobile Editor, 3/24/2015
Average US Broadband Speeds No Great Shakes
Mari Silbey, Independent Technology Editor, 3/25/2015
Just Don't Say IBM Is 'Relaunching' Networking Business
Mitch Wagner, West Coast Bureau Chief, Light Reading, 3/26/2015
Like Us on Facebook
Twitter Feed
Webinar Archive
BETWEEN THE CEOs - Executive Interviews
LR CEO and Founder Steve Saunders sits down with the head of Qosmos to talk about the changing state of the art in deep packet inspection technology, including its role in SDN and NFV architectures.
Chattanooga’s EPB publicly owned utility comms company has become a poster child for how to enable a local economy using next-gen networking technology. Steve Saunders, Founder of Light Reading, sits down with Harold DePriest, president and CEO of EPB, to learn how EPB is bringing big time tech to small town America.
Cats with Phones
Interspecies Phone Love Click Here
"No, you hang up."
"No, YOU hang up."
Latest Comment