& cplSiteName &

Is Comcast Ready for Big Hack Attack?

Mari Silbey
2/11/2014
50%
50%

How well would Comcast cope with another security invasion by computer hackers?

In a calculated attack last week, hacking group NullCrew FTS claims to have exploited a known vulnerability in at least 34 Comcast Corp. (Nasdaq: CMCSA, CMCSK) servers throughout the US, potentially gaining access to subscriber payment information and account settings. Comcast said at the time that it had "no evidence to suggest any personal customer information was obtained in this incident."

Others, however, are not so sanguine about Comcast's ability to stave off security threats to its customers. In fact, at least one security expert is recommending that Comcast subscribers change their passwords to protect their accounts from cyber intruders.

"Of course, Comcast should be telling their customers to change their passwords. Even if there was just a chance of a breach, it's still best practice to change your passwords regularly," said cybersecurity analyst Jack Whitsitt. "Any company that is not yet being open with its customers about what's happening with regard to security events is doing themselves a disservice. What is also concerning is that, at least anecdotally, many people don't remember or realize they have an ISP email address and so, if someone were to use theirs, would they even realize it?"

Whitsitt was referring to the fact that all Comcast customers have a master email account, and that this account is used to manage subscriber settings and payment transactions for all cable services. After gaining access to that account, a hacker could use the master email address to share information and control of the account with other parties.

A reporter for ZDNet, Violet Blue, publicly scolded Comcast in a blog post late Sunday night for not being more aggressive in its response to last week's attack. Blue likened Comcast's response to an attempt by Snapchat to downplay its own battle with hackers just over a month ago.

In addition, Blue pointed out that NullCrew FTS, the group claiming credit for the Comcast attack, also claimed responsibility for a similar assault on BCE Inc. (Bell Canada) (NYSE/Toronto: BCE) two weekends ago. So this may be the start of a hacking campaign against North American broadband service providers.

A Comcast spokesperson insisted, though, that the MSO has matters under control. "We take our customers' privacy and security very seriously," he said in an email response to Light Reading late Monday. "We have aggressively investigated this incident and have found no evidence to suggest any customer information was obtained.”

— Mari Silbey, special to Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
gconnery
50%
50%
gconnery,
User Rank: Light Sabre
2/13/2014 | 1:28:14 AM
Re: Data
Agreed.  Anyone who has followed the details of the recent Target, Neiman Marcus and Michaels hacking is aware of the normal progression...  at first the company minimizes the number of customers that were affected (only in store purchasers and a small number of them at bat) then that number is increased as forensic security goes to work and realizes more about what is going on (well, actually some online customers were affected too and now the total number affected is 3 times the earlier number, but hey its only email addresses and credit cards with no PINs) then more information is discovered and the numbers go up again (sorry that last count was too small, and oh, it looks like the encryption we used wasn't very good so the PINs were probably accessed too).  For Comcast to pretend up front that they know everything is fine when they don't really know anything at all is ridiculous. 


Good post Mari.  People should change their Comcast passwords.  I just did.  Have you paid your Comcast bill online with a credit card?  Pay attention to this story.
Ashu001
100%
0%
Ashu001,
User Rank: Lightning
2/11/2014 | 9:24:34 AM
Re: Data
KBode,

That itself should ring a Bell-That something is very fishy here.

Why is a Company which is usually very Transparent and upfront of its Upgrades,etc ;Staying Silent here?

Definitely merits a closer Look.

Regards

Ashish.
Ashu001
50%
50%
Ashu001,
User Rank: Lightning
2/11/2014 | 9:22:35 AM
Re: Data
kq4ym,

You have illustrated the Conrundrum that the Likes of Comcast has to face here very effectively.

While they do have a fiduciary responsibility towards their Clients to tell them the truth and reality of the situation at hand here they also have to be responsible towards their Owners and Shareholders and not do something which will damage their Brand Image irreperabably.

Its a Difficult Balancing Act to maintain for sure.

Regards

Ashish.
kq4ym
100%
0%
kq4ym,
User Rank: Light Sabre
2/11/2014 | 7:59:28 AM
Re: Data
It did seem a bit curious when Comcast said no infomation was taken from customer data. On one hand, you would think they would be honest enought to provide the truth of the matter, on the other Comcast wants to protect it's brand and image. It will be no surprise though to eventually find that Comcast was not quite correct in it's assessment of the hack.
KBode
50%
50%
KBode,
User Rank: Light Sabre
2/11/2014 | 7:32:11 AM
Data
The problem is I'm not sure Comcast knows if data was obtained. The NullCrew post didn't contain user data, but it explained how to obtain private data for a period of up to 24 hours. Comcast has been great in discussing network upgrades publicly and openly (like DNSSec) but was pretty quiet about this.
From The Founder
Light Reading sits down at CES with the head of Cisco's service provider video business, Conrad Clemson, to discuss how NFV and cloud security relate to video, the challenge of managing 4K/8K traffic, the global expansion of Netflix and virtual reality.
Flash Poll
Live Streaming Video
CLOUD / MANAGED SERVICES: Prepping Ethernet for the Cloud
Moderator: Ray LeMaistre Panelists: Jeremy Bye, Leonard Sheahan
LRTV Huawei Video Resource Center
TeliaSonera: Striving for Independence

2|12|16   |     |   (0) comments


Peter Lagergren discusses the importance of decoupling the network from services.
LRTV Huawei Video Resource Center
Ken Wang on U-vMOS

2|12|16   |     |   (0) comments


Ken Wang discusses how video will take of the traffic on carrier networks and become a basic service to provide to end users.
LRTV Documentaries
All Change in Video

2|11|16   |   33:12   |   (1) comment


At this moderated panel at 2020 Vision in Dublin, Alan Breznick, Cable/Video Practice Leader of Light Reading, sits down with Jeff Finkelstein, director of network architecture at Cox Communications, to discuss the rapidly changing video market.
LRTV Custom TV
Hosting in Ireland, Past & Present

2|10|16   |   16:07   |   (0) comments


Garry Connolly, president of Host in Ireland, presents the keynote at Light Reading's 2020 Vision Executive Summit in Dublin.
Women in Comms Introduction Videos
What's Hot in Mobile Commerce?

2|10|16   |   12:18   |   (1) comment


Claire Maslen, financial services relationship manager at the GSMA, talks about the development of the digital commerce sector and the types of relationships that mobile operators are developing to further their m-commerce strategies.
LRTV Documentaries
EANTC Tests Nokia IP Routing & Mobile Gateway VNFs for Real World Deployment

2|9|16   |   5:08   |   (1) comment


Nokia obtained validation of its virtualized router and virtualized mobile gateway capabilities through rigorous testing performed by EANTC. The results set a new industry benchmark for outstanding performance, scalability, resiliency and manageability. Nokia VNFs are ready for telco cloud deployment, so that service providers can accelerate mobile, business and ...
Between the CEOs
CEO Chat With Level 3's Jack Waters

2|8|16   |   26:15   |   (1) comment


Light Reading CEO and founder Steve Saunders sits down with Level 3 Communications' CTO Jack Waters to discuss hot topics like virtualization, 4K and the future of telecom...
LRTV Custom TV
The Composable Telco

2|8|16   |   24:46   |   (0) comments


Heavy Reading's Principal Analyst Caroline Chappell presents the keynote at Light Reading's 2020 Vision Executive Summit in Dublin.
LRTV Custom TV
Join Us at the Digital Operations Transformation Summit

2|4|16   |   03:52   |   (0) comments


The Digital Operations Transformation Summit on February 21, 2016 at the Crowne Plaza Barcelona Fira Centre will bring together 50 senior executives to engage in a unique debate on the opportunities and challenges presented by the transformative evolving digital landscape. RSVP now at events@lightreading.com.
LRTV Custom TV
Making the Test: ADVA Ensemble Connector vs. Open vSwitch

2|4|16   |   01:28   |   (0) comments


Light Reading, in partnership with EANTC, recently tested ADVA's Ensemble Connector, which replaces open vSwitch and offers carrier-grade capability and interoperability. The test results strengthen ADVA's credibility as a provider in the virtualization space.
LRTV Custom TV
Bridging the Gap Between PoCs & Deployment in NFV

2|4|16   |   31:50   |   (0) comments


Charlie Ashton of Wind River presents the keynote at Light Reading's 2020 Vision executive summit in Dublin.
Between the CEOs
CEO Chat With Mike Aquino

2|3|16   |   17:34   |   (0) comments


The former CEO of Overture Networks, Mike Aquino, discusses why truly open virtualization solutions provide service providers with the greatest choice.
Upcoming Live Events
March 10, 2016, The Cable Center, Denver, CO
April 5, 2016, The Ritz Carlton, Charlotte, NC
May 23, 2016, Austin, TX
May 24-25, 2016, Austin Convention Center, Austin, TX
All Upcoming Live Events
Hot Topics
Yahoo & Verizon Sitting in a Tree...
Brian Santo, Senior editor, Test & Measurement / Components, Light Reading, 2/8/2016
Vodafone: Flexible Work Policies Boost Profits
Sarah Thomas, Editorial Operations Director, 2/8/2016
AT&T Lights Fire Under 5G, Plans 2016 Trials
Iain Morris, News Editor, 2/12/2016
Andreessen Facepalms on Facebook Free Basics
Mitch Wagner, West Coast Bureau Chief, Light Reading, 2/10/2016
It's Time to Integrate OTT Video
Alan Breznick, Cable/Video Practice Leader, 2/8/2016
Like Us on Facebook
Twitter Feed
Webinar Archive
BETWEEN THE CEOs - Executive Interviews
Light Reading CEO and founder Steve Saunders sits down with Level 3 Communications' CTO Jack Waters to discuss hot topics like virtualization, 4K and the future of telecom...
The former CEO of Overture Networks, Mike Aquino, discusses why truly open virtualization solutions provide service providers with the greatest choice.
Live Digital Audio

Broadband speeds are ramping up across Europe as the continent, at its own pace, follows North America towards a gigabit society. But there are many steps to take on the road to gigabit broadband availability and a number of technology options that can meet the various requirements of Europe’s high-speed fixed broadband network operators. During this radio show we will look at some of the catalysts for broadband network investments and examine the menu of technology options on offer, including vectoring and G.fast for copper plant evolution and the various deployment possibilities for FTTH/B.