& cplSiteName &

Is Comcast Ready for Big Hack Attack?

Mari Silbey
2/11/2014
50%
50%

How well would Comcast cope with another security invasion by computer hackers?

In a calculated attack last week, hacking group NullCrew FTS claims to have exploited a known vulnerability in at least 34 Comcast Corp. (Nasdaq: CMCSA, CMCSK) servers throughout the US, potentially gaining access to subscriber payment information and account settings. Comcast said at the time that it had "no evidence to suggest any personal customer information was obtained in this incident."

Others, however, are not so sanguine about Comcast's ability to stave off security threats to its customers. In fact, at least one security expert is recommending that Comcast subscribers change their passwords to protect their accounts from cyber intruders.

"Of course, Comcast should be telling their customers to change their passwords. Even if there was just a chance of a breach, it's still best practice to change your passwords regularly," said cybersecurity analyst Jack Whitsitt. "Any company that is not yet being open with its customers about what's happening with regard to security events is doing themselves a disservice. What is also concerning is that, at least anecdotally, many people don't remember or realize they have an ISP email address and so, if someone were to use theirs, would they even realize it?"

Whitsitt was referring to the fact that all Comcast customers have a master email account, and that this account is used to manage subscriber settings and payment transactions for all cable services. After gaining access to that account, a hacker could use the master email address to share information and control of the account with other parties.

A reporter for ZDNet, Violet Blue, publicly scolded Comcast in a blog post late Sunday night for not being more aggressive in its response to last week's attack. Blue likened Comcast's response to an attempt by Snapchat to downplay its own battle with hackers just over a month ago.

In addition, Blue pointed out that NullCrew FTS, the group claiming credit for the Comcast attack, also claimed responsibility for a similar assault on BCE Inc. (Bell Canada) (NYSE/Toronto: BCE) two weekends ago. So this may be the start of a hacking campaign against North American broadband service providers.

A Comcast spokesperson insisted, though, that the MSO has matters under control. "We take our customers' privacy and security very seriously," he said in an email response to Light Reading late Monday. "We have aggressively investigated this incident and have found no evidence to suggest any customer information was obtained.”

— Mari Silbey, special to Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
gconnery
50%
50%
gconnery,
User Rank: Light Sabre
2/13/2014 | 1:28:14 AM
Re: Data
Agreed.  Anyone who has followed the details of the recent Target, Neiman Marcus and Michaels hacking is aware of the normal progression...  at first the company minimizes the number of customers that were affected (only in store purchasers and a small number of them at bat) then that number is increased as forensic security goes to work and realizes more about what is going on (well, actually some online customers were affected too and now the total number affected is 3 times the earlier number, but hey its only email addresses and credit cards with no PINs) then more information is discovered and the numbers go up again (sorry that last count was too small, and oh, it looks like the encryption we used wasn't very good so the PINs were probably accessed too).  For Comcast to pretend up front that they know everything is fine when they don't really know anything at all is ridiculous. 


Good post Mari.  People should change their Comcast passwords.  I just did.  Have you paid your Comcast bill online with a credit card?  Pay attention to this story.
Ashu001
100%
0%
Ashu001,
User Rank: Lightning
2/11/2014 | 9:24:34 AM
Re: Data
KBode,

That itself should ring a Bell-That something is very fishy here.

Why is a Company which is usually very Transparent and upfront of its Upgrades,etc ;Staying Silent here?

Definitely merits a closer Look.

Regards

Ashish.
Ashu001
50%
50%
Ashu001,
User Rank: Lightning
2/11/2014 | 9:22:35 AM
Re: Data
kq4ym,

You have illustrated the Conrundrum that the Likes of Comcast has to face here very effectively.

While they do have a fiduciary responsibility towards their Clients to tell them the truth and reality of the situation at hand here they also have to be responsible towards their Owners and Shareholders and not do something which will damage their Brand Image irreperabably.

Its a Difficult Balancing Act to maintain for sure.

Regards

Ashish.
kq4ym
100%
0%
kq4ym,
User Rank: Light Sabre
2/11/2014 | 7:59:28 AM
Re: Data
It did seem a bit curious when Comcast said no infomation was taken from customer data. On one hand, you would think they would be honest enought to provide the truth of the matter, on the other Comcast wants to protect it's brand and image. It will be no surprise though to eventually find that Comcast was not quite correct in it's assessment of the hack.
KBode
50%
50%
KBode,
User Rank: Light Sabre
2/11/2014 | 7:32:11 AM
Data
The problem is I'm not sure Comcast knows if data was obtained. The NullCrew post didn't contain user data, but it explained how to obtain private data for a period of up to 24 hours. Comcast has been great in discussing network upgrades publicly and openly (like DNSSec) but was pretty quiet about this.
From The Founder
Cisco's Conrad Clemson, recently promoted to head up the company's Service Provider Apps & Platforms developments, talks to Light Reading's Founder and CEO Steve Saunders about how he's bringing cloud video, mobile and virtualization together to empower network operators.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Interviews
Masergy: Ability to Adapt Key for NFV

1|16|17   |   6:40   |   (0) comments


Speaking at Light Reading's 2020 Vision in Rome, Masergy's VP, Global Technology, Ray Watson, said agility is key to providing the mix and match NFV-based services that are driving business for the managed service provider today.
LRTV Interviews
Equinix: The Data Explosion

1|13|17   |   4:16   |   (0) comments


At Light Reading's 2020 Vision in Rome, Eric Schwartz, president of EMEA, Equinix, talked about how Equinix is helping its customers manage the influx of data today, and how it's preparing for a future filled with millions of connected IoT devices.
LRTV Interviews
Heavy Reading: The Changing Data Center Landscape

1|12|17   |   6:05   |   (1) comment


At Light Reading's 2020 Vision event in Rome, Heavy Reading's Senior Analyst Roz Roseboro talks about how virtualization is impacting data center evolution and how that evolution is affecting the relationship between service providers, data center operators and public cloud providers.
LRTV Interviews
Boingo: Prepping for Millions of Devices

1|12|17   |   5:07   |   (1) comment


At Light Reading's 2020 Vision in Rome, Boingo's CTO Derek Peterson discusses how wireless operators will address the needs of low-bandwidth and high-bandwidth apps at the same time, the need for more MHz, the impact of IoT and more.
LRTV Interviews
Comcast Shows Off Gig Gateway at CES

1|11|17   |     |   (1) comment


With its largest presence at CES in years, Comcast took the wraps off its long-awaited gigabit gateway and a new platform for managing the home WiFi network. Light Reading Senior Editor Mari Silbey sat down with EVP Chris Satchell to discuss the latest Comcast advance, and met with VP of Product Strategy and Development Andrea Peiro to walk through a demo of the ...
LRTV Interviews
Colt: End-to-End Key for 2017

1|10|17   |   6:21   |   (0) comments


At Light Reading's 2020 Vision Executive Summit in Rome, Nico Fischbach of Colt said having a multi-carrier, end-to-end service proposition is going to be key for 2017 -- and SD-WAN is instrumental in making it happen.
From the Founder
Cisco's Clemson on Mobile Cloud Video

1|9|17   |     |   (1) comment


Cisco's Conrad Clemson, recently promoted to head up the company's Service Provider Apps & Platforms developments, talks to Light Reading's Founder and CEO Steve Saunders about how he's bringing cloud video, mobile and virtualization together to empower network operators. "If you think about where we're going… whether it's a mobile application, or a video ...
LRTV Custom TV
VMware Telco NFV Solutions – Preparing for 5G & IOT

1|9|17   |     |   (0) comments


Shekar Ayyar, EVP & Corporate Strategy/General Manager of Telco for VMware, discusses VMware's Telco NFV solutions role and foundation for the Imminent Arrival of 5G & IOT.
LRTV Interviews
Heavy Reading: Big Video Set to Disrupt

1|6|17   |   4:39   |   (0) comments


At Light Reading's 2020 Vision Executive Summit in Rome, Heavy Reading's Adi Kishore talks about the challenges of managing and monetizing bandwidth-intensive video, and how service providers will need to transform their networks to cope with the big video explosion.
LRTV Interviews
Heavy Reading: IoT Set to Disrupt

1|5|17   |   7:07   |   (0) comments


Heavy Reading's Senior Analyst of IoT, Steve Bell, tells Light Reading how the Internet of Things (IoT) will transform service provider markets, business models and mindsets, and how virtualizing the network core and Fog networking is key to meeting the agility and flexibility demands of IoT in the future.
LRTV Custom TV
Ensemble SmartWAN Explained

1|5|17   |     |   (0) comments


Ray Le Maistre and Prayson Pate, CTO of the Ensemble division at ADVA Optical Networking, discuss the details around the recent Ensemble SmartWAN announcement from ADVA and its potential impact on the SD-WAN movement as it goes virtual.
LRTV Interviews
Telstra Shares Digital Dos & Don'ts

1|4|17   |   3:21   |   (0) comments


At Light Reading's 2020 Vision Executive Summit in Rome, Telstra's Managing Director of EMEA Tom Homer shares his insight into what makes a good partner in today's digital world.
Upcoming Live Events
May 15-17, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
Hot Topics
Ericsson: 5G Heralds 'New' New Economy
Mari Silbey, Senior Editor, Cable/Video, 1/12/2017
5G: Another Next-Generation Disappointment?
Iain Morris, News Editor, 1/10/2017
CES 2017: WIC's Picks & What Made Us Sick
Sarah Thomas, Director, Women in Comms, 1/10/2017
IBM, FDA Look to Blockchain to Secure Health Records
Scott Ferguson, Editor, Enterprise Cloud, 1/12/2017
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
Light Reading founder and CEO Steve Saunders chats with Sportlogiq CEO Craig Buntin about sports data analysis.
Eyal Waldman, CEO of Mellanox Technologies, speaks to Steve Saunders, CEO of Light Reading, for an exclusive interview about the 100 GB cable challenge, cybersecurity and much more.
Animals with Phones
Live Digital Audio

Playing it safe can only get you so far. Sometimes the biggest bets have the biggest payouts, and that is true in your career as well. For this radio show, Caroline Chan, general manager of the 5G Infrastructure Division of the Network Platform Group at Intel, will share her own personal story of how she successfully took big bets to build a successful career, as well as offer advice on how you can do the same. We’ll cover everything from how to overcome fear and manage risk, how to be prepared for where technology is going in the future and how to structure your career in a way to ensure you keep progressing. Chan, a seasoned telecom veteran and effective risk taker herself, will also leave plenty of time to answer all your questions live on the air.