The hackers who got into Liberty’s network are more likely to be security geeks than financial criminals.
This is according to a local IT security specialist, who made the prediction following the attacks and statements from Liberty on the matter.
The CEO of Liberty, David Munro, recently went on PowerFM to answer questions about the attack, where he conceded there was a vulnerability in their security systems.
He added, however, that businesses all over the world face security risks regardless of the precautions they take.
“That these hackers managed to find a way into our system presents a major event for us, but there’s an escalating challenge for all businesses,” said Munro.
“As the digital revolution gains speed and our businesses become more digital, the sophistication of these criminals continues to increase and it puts us all at risk.”
How the hackers got in
Munro declined to provide details about how the hackers were able to access their systems, but did give a general account of what happened.
“Actually describing how they got in, the nature of the breach, and the technical issues around that would obviously not be appropriate for me to comment on,” he said.
“It’s clearly relevant to the investigation, but also would indicate the vulnerabilities that others might try to pursue with other people.”
He said the attackers had breached Liberty’s network, though.
“You have perimeter walls around your networks that try to keep any unauthorised access from taking place, and what happened is somebody found a way to get through that wall and that allowed them to embed themselves into our network and access one of our servers.”
He confirmed Liberty’s earlier statement that the server the attackers accessed was mainly used for storing emails and attachments.
Munro declined to comment on whether a recent Pastebin statement – claiming that 40TB of data had been taken from Liberty by the hackers – was accurate.
Questioned on the protection they had in place before the incident, Munro said Liberty did have intrusion detection and mitigation systems in place, but the attackers found a way past them.
Geeks, not masterminds
An information security specialist, who requested to remain anonymous, told MyBroadband that Munro’s statements, coupled with what is known about the attack, suggest the attackers were security geeks and not criminal masterminds.
There are several avenues the hackers may have explored to find a vulnerability in Liberty’s network, and the likelihood is that they obtained highly-privileged access.
This is in contrast to a 2016 attack on Standard Bank, which saw the company defrauded to the tune of R300 million.
Fake credit cards were used to withdraw cash in a series of 14,000 transactions from several ATMs in Japan. Police suspected that a group of more than 100 people were involved in withdrawing the money.
Given that the Liberty attackers had gained entry to the company’s network, it is likely the attackers could have gained access to other systems and done much worse if they wanted to.
Instead, they elected to hit a mail server and extort a ransom from Liberty to not publish the information to the public.
The Pastebin statement also points to this, with the hacker or group stating: “We did not do that for harming your customers, our goal was to improve your security. You made your choice to, time to pay!”
The PowerFM radio interview with Munro is below.