Hacker Accesses Secret Service, T-Mobile Customer Files

A hacker broke into wireless carrier T-Mobile’s server systems network over at least seven months and read e-mails and personal computer files of the U.S. Secret Service, along with hundreds of other customers, the government has announced. Security experts said this is the first of what is expected to be many attacks on computers and mobile devices to come this year.

The T-Mobile hacker allegedly obtained an internal Secret Service memorandum and part of a mutual-assistance legal treaty from Russia. Court records said the documents contained “highly sensitive information pertaining to ongoing … criminal cases.”

The breach was discovered during “Operation Firewall,” a broad Secret Service investigation that targeted underground hacker organizations known as Shadowcrew, Carderplanet and Darkprofits. Santa Ana, California, resident Nicolas Lee Jacobsen, 21, has been charged with the hacking in U.S. District Court in Los Angeles.

Safe and Sound?

While the court case gets underway, serious questions about the security of servers await answers. It should be noted that it was not T-Mobile’s wireless network that was hacked, but its server systems, said Ken Dunham, the director of malicious code research at iDefense, a Reston, Virginia-based threat intelligence firm.

“The T-Mobile attack shows that there are a huge amount of assets on servers of companies we do business with on a regular basis,” Dunham told the E-Commerce Times. “The reality is that these large quantities of information stored on computers are vulnerable to attacks.”

Dunham said a myriad of computer servers, from online retailers to phone companies to government agencies, store sensitive information such as social security numbers, credit card numbers and other personal data. While some computers are more hardened against attacks than others, he said, any of them could potentially be compromised.

Online Shopping Hacks

During his work with the Federal Bureau of Investigations over the past few years, Dunham has learned that doing business with mom-and-pop shops over the Internet leaves shoppers most vulnerable to identity theft. However, it’s not for the reasons that one might think.

“The hacks aren’t happening during the Internet transaction itself,” Dunham said. “The vulnerability is on the end points. Either my computer was trojaned and some hacker stole my information at my end, or the mom-and-pop shop has their computer hacked and the abuse is on that end.”

Dunham said there is no magic bullet to preventing such vulnerabilities. However, recognizing the value of protecting assets is a good place for every computer user and company to start. That means a multi-layered approach to security that includes both technology and training. Dunham’s advice: Take the T-Mobile hack as a serious warning.

Change in Impact

Last year a Trojan caused the most damage to computers, marking the first time a worm hasn’t occupied the top spot, according to Panda Software. Analysts said this signifies an important change in the impact that malicious code is having on computers.

“This year we are going to see an explosion of bots and worms becausemalicious source code is so readily available,” Dunham said. “Security is a complicated issue. We have to attack it from every angle, technology, training and intelligence information. All of it makes a difference.”