Update: It turns out that the story in The Daily Express may not be entirely reliable. Read an update to this blog post: “MI5 website hack overhyped by Daily Express”
British tabloid The Daily Express claims to have an exclusive on its hands this morning with a story that MI5’s website was compromised by hackers.
According to the Daily Express, the “Team Elite” hacking gang broke into the website of MI5, the United Kingdom’s counter-intelligence and security agency, gathering information about everybody who visited the site.
The journalists at the Express rolled out Tory MP Patrick Mercer to provide a quote, who said “The identity of agents and informers in terror groups such as Al Qaeda are held by MI5.”
Well, yes, they probably do hold that kind of information but I think it’s highly unlikely that they keep it on their website! And according to the newspaper, the hackers were only able to steal information from users visiting the site – so the only way in which I could imagine such information could have been grabbed by the cybercriminals would have been if an MI5 agent visited the site and was storing unencrypted information about fellow agents and terror suspects on their own computers.
The report also says that the hackers were able to download viruses onto the computers of visiting users. Sadly, they haven’t gone into any details as to what virus this was, so we don’t know what it could have done.
Frankly, there’s not enough information in this report to let us know just how big a security problem this was. The good news is that the authorities claim to have fixed the flaw, and so visitors to the site are no longer at risk.
However, this is a timely reminder for all of us who have websites – big and small – to make sure they are properly secured from attacks.
Sophos’s recent security threat report revealed that we discover one new infected webpage every 3.6 seconds (that’s four times faster than in first half of 2008).
Web infection is one of the primary routes by which hackers are trying to infect innocent computer users – and most of these attacks are occurring via legitimate sites, just like MI5’s. And that’s why more and more companies are realising they need to defend their users by scanning web activity, just like they’re used to scanning email for spam and viruses.
As well as poorly coded websites including vulnerabilities that hackers can exploit, another problem is that companies simply are not aware that malicious code has been planted on their webpages. One of the ways in which we deal with that is with our WebAlert service.
Here’s a fun video we made demonstrating how WebAlert works:
Sophos WebAlert – explained with children’s toys from SophosLabs on Vimeo.