Teenager sentenced for biggest ever cyber attack

A British teenager has been sentenced to community service for masterminding in 2013 what was then described as the biggest ever cyber attack. The distributed denial of service attack against anti-junk mail group Spamhaus was so disruptive it threatened the Linux system, which supports links between international networks. Seth Nolan McDonagh pleaded guilty to all charges earlier, but could not be named under UK law until he turned 18 this week.

Team Sky cyclist data “stolen”

Training data belonging to cyclist Chris Froome has been accessed by hackers, according to Team Sky manager David Brailsford. Speaking at a press conference this week, Mr Brailsford said the loss of the data had been discovered on Monday, after Froome took the lead in the first week of the Tour de France. He added that the team is consulting legal advisers but refused to be drawn on who he suspected was behind the hack.

Body cameras “pose threat to privacy”

The UK Government’s CCTV commissioner has warned of the risk posed by unregulated use of body-worn cameras to record members of the public. Tony Porter told a security conference that, while use of the cameras by law enforcement agencies such as the Metropolitan Police is subject to strict rules, no such oversight exists in relation to private security staff and traffic enforcement officers and this has serious implications for data protection and privacy. Mr Porter is currently reviewing the UK’s surveillance camera code of practice and will report to the Home Secretary later this year.

Council databases hacked

The email addresses of 13,000 people have been stolen in an attack on the IT systems of the City of Edinburgh Council, it was revealed last week. A spokesperson reassured the public that no passwords were acquired during the hack, which was carried out at the end of June. Those affected are being contacted by the council, and have been warned of the potential risk should the hackers target them with “spear fishing” emails which appear to come from the Council.

Google inadvertently publishes details of “Right to be forgotten” requests

The Guardian newspaper reported this week that Google accidentally made public details of the number and nature of requests made by people under the Right to be forgotten. The data was discovered in the source code of Google’s Transparency Report, which was intended to give a general flavour of the requests. The details showed that 95% of requests were made by individuals rather than celebrities or politicians.

Police raid bogus call centres

In a joint operation, the European police force Europol and Spanish police have raided a number of illegal call centres run by a cyber-crime group in Barcelona. The criminals had used mobile phones stolen from tourists to call premium-rate numbers which had been set up in other countries, in an operation reportedly worth EUR 2 million. A spokesman for Europol said the raids followed analysis of thousands of financial transactions, which had made it possible to trace
the group.

Business concerns over China’s new internet security law

Concerns over the enforcement of China’s draft cybersecurity and data protection law could stifle business, critics warned last week. Under the bill passed earlier this month the government will gain extensive surveillance powers for the purposes of preserving “internet sovereignty” and national security. Joerg Wuttke, president of the EU’s Chamber of Commerce in China said that there were concerns over how the government would use the powers, to be detailed in forthcoming regulations, particularly in relation to transnational businesses.