Friday 11 June 2010

The return of the Proof of Concept hack

This week’s news of a breach at the AT&T network, which exposed 114,000 accounts of the recently launched iPad, is today an FBI investigation. The group that identified the breach is known for publicizing other weaknesses that can lead to breaches, such as Safari and Amazon.

The compromised accounts – which include some of most powerful people on the planet – will likely suffer no long-term effects. The point of this attack was not to gain access to specific accounts, but to show that a breach of this sort could be done. It is, therefore, more like the proof of concept attacks that were popular 10 years ago. The goal of a proof of concept attack is notoriety for the hackers and embarrassment for the company involved. What is encouraging is that the FBI is taking investigative action. Only when there are severe consequences associated with proof of concept activities will they cease to be an issue