& cplSiteName &

Is Comcast Ready for Big Hack Attack?

Mari Silbey
2/11/2014
50%
50%

How well would Comcast cope with another security invasion by computer hackers?

In a calculated attack last week, hacking group NullCrew FTS claims to have exploited a known vulnerability in at least 34 Comcast Corp. (Nasdaq: CMCSA, CMCSK) servers throughout the US, potentially gaining access to subscriber payment information and account settings. Comcast said at the time that it had "no evidence to suggest any personal customer information was obtained in this incident."

Others, however, are not so sanguine about Comcast's ability to stave off security threats to its customers. In fact, at least one security expert is recommending that Comcast subscribers change their passwords to protect their accounts from cyber intruders.

"Of course, Comcast should be telling their customers to change their passwords. Even if there was just a chance of a breach, it's still best practice to change your passwords regularly," said cybersecurity analyst Jack Whitsitt. "Any company that is not yet being open with its customers about what's happening with regard to security events is doing themselves a disservice. What is also concerning is that, at least anecdotally, many people don't remember or realize they have an ISP email address and so, if someone were to use theirs, would they even realize it?"

Whitsitt was referring to the fact that all Comcast customers have a master email account, and that this account is used to manage subscriber settings and payment transactions for all cable services. After gaining access to that account, a hacker could use the master email address to share information and control of the account with other parties.

A reporter for ZDNet, Violet Blue, publicly scolded Comcast in a blog post late Sunday night for not being more aggressive in its response to last week's attack. Blue likened Comcast's response to an attempt by Snapchat to downplay its own battle with hackers just over a month ago.

In addition, Blue pointed out that NullCrew FTS, the group claiming credit for the Comcast attack, also claimed responsibility for a similar assault on BCE Inc. (Bell Canada) (NYSE/Toronto: BCE) two weekends ago. So this may be the start of a hacking campaign against North American broadband service providers.

A Comcast spokesperson insisted, though, that the MSO has matters under control. "We take our customers' privacy and security very seriously," he said in an email response to Light Reading late Monday. "We have aggressively investigated this incident and have found no evidence to suggest any customer information was obtained.”

— Mari Silbey, special to Light Reading

(5)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
gconnery
50%
50%
gconnery,
User Rank: Light Sabre
2/13/2014 | 1:28:14 AM
Re: Data
Agreed.  Anyone who has followed the details of the recent Target, Neiman Marcus and Michaels hacking is aware of the normal progression...  at first the company minimizes the number of customers that were affected (only in store purchasers and a small number of them at bat) then that number is increased as forensic security goes to work and realizes more about what is going on (well, actually some online customers were affected too and now the total number affected is 3 times the earlier number, but hey its only email addresses and credit cards with no PINs) then more information is discovered and the numbers go up again (sorry that last count was too small, and oh, it looks like the encryption we used wasn't very good so the PINs were probably accessed too).  For Comcast to pretend up front that they know everything is fine when they don't really know anything at all is ridiculous. 


Good post Mari.  People should change their Comcast passwords.  I just did.  Have you paid your Comcast bill online with a credit card?  Pay attention to this story.
Ashu001
100%
0%
Ashu001,
User Rank: Lightning
2/11/2014 | 9:24:34 AM
Re: Data
KBode,

That itself should ring a Bell-That something is very fishy here.

Why is a Company which is usually very Transparent and upfront of its Upgrades,etc ;Staying Silent here?

Definitely merits a closer Look.

Regards

Ashish.
Ashu001
50%
50%
Ashu001,
User Rank: Lightning
2/11/2014 | 9:22:35 AM
Re: Data
kq4ym,

You have illustrated the Conrundrum that the Likes of Comcast has to face here very effectively.

While they do have a fiduciary responsibility towards their Clients to tell them the truth and reality of the situation at hand here they also have to be responsible towards their Owners and Shareholders and not do something which will damage their Brand Image irreperabably.

Its a Difficult Balancing Act to maintain for sure.

Regards

Ashish.
kq4ym
100%
0%
kq4ym,
User Rank: Light Sabre
2/11/2014 | 7:59:28 AM
Re: Data
It did seem a bit curious when Comcast said no infomation was taken from customer data. On one hand, you would think they would be honest enought to provide the truth of the matter, on the other Comcast wants to protect it's brand and image. It will be no surprise though to eventually find that Comcast was not quite correct in it's assessment of the hack.
KBode
50%
50%
KBode,
User Rank: Light Sabre
2/11/2014 | 7:32:11 AM
Data
The problem is I'm not sure Comcast knows if data was obtained. The NullCrew post didn't contain user data, but it explained how to obtain private data for a period of up to 24 hours. Comcast has been great in discussing network upgrades publicly and openly (like DNSSec) but was pretty quiet about this.
Light Reading’s Upskill U is a FREE, interactive, online educational resource that delivers must-have education on themes that relate to the overall business transformation taking place in the communications industry.
NEXT COURSE
Wednesday, July 27, 1:00PM EDT
The Changing Face of the Data Center World
Rodney M. Elder, Senior Solutions Architect, Equinix
UPCOMING COURSE SCHEDULE
Wednesday, August 3, 1:00PM EDT
The Central Office Re-Architected as a Data Center
Guru Parulkar, Executive Director, Open Networking Research Center, Open Networking Lab
Wednesday, August 10, 1:00PM EDT
Telcos & Open Source 101
Phil Robb, Senior Technical Director, OpenDaylight
Friday, August 12, 1:00PM EDT
The Role of Open Source in NFV
Jim Fagan, Director, Cloud Practice, Telstra
in association with:
From The Founder
The more things change, the more they stay the same for Juniper's next-gen comms solutions, and that's a good thing.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Custom TV
NetScout: Maximizing Enterprise Cloud for Digital Transformation

7|20|16   |   04:53   |   (0) comments


Light Reading Editor Mitch Wagner talks to NetScout CMO Jim McNiel about maximizing the benefits of enterprise cloud and digital transformation while minimizing potential pitfalls with a proper monitoring and instrumentation strategy.
Women in Comms Introduction Videos
Ciena's VP Offers a Career Crash Course

7|20|16   |   4:14   |   (0) comments


How did Ciena's Vice President of Sales, Angela Finn, carve out her career path? Simple, she tells WiC. She stayed true to her company, customers and principles. She shares her advice for women on how to be authentic and credible, as well as for companies that want to make a real change to their culture and practices.
LRTV Custom TV
NFV in 2016: Part 2 – Climbing the Virtualization Maturity Curve

7|19|16   |   06:56   |   (0) comments


Many of the initial use case implementations are single-vendor and self-contained. The industry is still climbing the virtualization maturity curve, needing further clarity and stability in the NFV infrastructure (NFVi) and greater availability and choice of virtualized network functions (VNFs). Interoperability between NFVis and VNFs from different vendors ...
Telecom Innovators Video Showcase
Versa Networks' Kumar Mehta on SD-WAN Managed Services

7|19|16   |     |   (0) comments


In Silicon Valley, Steve Saunders sits down with Versa's Kumar Mehta for an interview focused on why service providers are building SD-WAN managed services, and how Versa's telco customers are innovating.
LRTV Custom TV
Juniper Networks & The Evolution of NFV

7|19|16   |   06:01   |   (0) comments


Senior Juniper Networks executives talk to Light Reading Founder & CEO Steve Saunders about NFV developments and the recent independent evaluation by test lab EANTC of Juniper's Cloud CPE solution.
LRTV Interviews
CenturyLink Goes Beyond Managed WiFi

7|19|16   |     |   (0) comments


CenturyLink's managed WiFi allows enterprises, such as retailers and resorts, to track guest WiFi usage in order to help them better communicate with customers.
LRTV Interviews
AT&T Launches Network Functions on Demand

7|17|16   |   05:26   |   (0) comments


Roman Pacewicz, Senior Vice President, Offer Management & Service Integration, AT&T Business Solutions, discusses the operator's launch of its Network Functions on Demand service.
LRTV Interviews
Enterprise Pitch for Ciscosson

7|14|16   |   04:43   |   (0) comments


After seven months of near silence, Cisco and Ericsson executives publicly discussed details on their extensive partnership. Among the tidbits shared by Martin Zander, VP, group strategy programs, Ericsson, and Doug Webster, VP service provider marketing, Cisco: The partnership was initially launched to serve the service provider market, but is already gaining ...
Wagner’s Ring
Cisco Faces Up to Hypercloud Threat

7|13|16   |   02:42   |   (0) comments


Facebook, Amazon and Google mostly don't buy branded technology for their networks – they build their own. That's a threat to Cisco – and its competitors too – which face potentially dwindling demand for their product. Is Cisco up to the challenge? Light Reading went to the annual Cisco Live conference to find out.
LRTV Huawei Video Resource Center
Building a Better Connected Russia

7|13|16   |     |   (0) comments


At UBBS World Tour 2016, Alla Shabelnikova of Ovum shares the findings of a white paper outlining the challenges and opportunities of broadband rollout in Russia.
LRTV Huawei Video Resource Center
The Global Video Business

7|13|16   |     |   (0) comments


At UBBS World Tour 2016, Roger Feng of Huawei shares insights on the future of video business.
LRTV Huawei Video Resource Center
UBBS World Tour Moscow Highlights

7|13|16   |     |   (0) comments


At UBBS World Tour 2016 at Moscow, Huawei showcases its outstanding progress in video technology.
Upcoming Live Events
September 13-14, 2016, The Curtis Hotel, Denver, CO
September 27, 2016, Philadelphia, PA
November 3, 2016, The Montcalm Marble Arch, London
November 30, 2016, The Westin Times Square, New York City
December 6-8, 2016,
May 16-17, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
Five of the Top 10 most targeted countries in Check Point Software Technologies' global Malware & Threat Index for Q1 2016 are in Africa.
Hot Topics
Ericsson 'Doubles' Savings Goal as Sales Slump
Iain Morris, News Editor, 7/19/2016
Kevin Lo's Move to Facebook: Sign of Things to Come?
Patrick Donegan, Chief Analyst, Heavy Reading, 7/20/2016
Verizon's Next With VNFs
Carol Wilson, Editor-at-large, 7/21/2016
Facebook Gets Its Drone On
Ray Le Maistre, Editor-in-chief, 7/22/2016
Is Dish Going Down the Drain?
Alan Breznick, Cable/Video Practice Leader, Light Reading, 7/21/2016
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
There's no question that, come 2020, 5G technology will turn the world's conception of what mobile networking is on its head. Within the world of 5G development, Dr. ...
I've enjoyed interviewing many interesting people since I rejoined Light Reading, but William A. "Bill" Owens certainly takes the biscuit, as we say where I come from.
Live Digital Audio

Our world has evolved through innovation from the Industrial Revolution of the 1740s to the information age, and it is now entering the Fourth Industrial Revolution, driven by technology. Technology is driving a paradigm shift in the way digital solutions deliver a connected world, changing the way we live, communicate and provide solutions. It can have a powerful impact on how we tackle some of the world’s most pressing problems. In this radio show, Caroline Dowling, President of Communications Infrastructure & Enterprise Computing at Flex, will join Women in Comms Director Sarah Thomas to discuss the impact technology has on society and how it can be a game-changer across the globe; improving lives and creating a smarter world. Dowling, a Cork, Ireland, native and graduate of Harvard Business School's Advanced Management Program, will also discuss her experience managing an international team focused on innovation in an age of high-speed change.