AT&T Customer Hackers Linked to Terror Group

AT&T Wireless store in Times Square.
Start your day with TPM.
Sign up for the Morning Memo newsletter

Police in the Philippines last week announced that their agency and the FBI had arrested four hackers in the country who targeted business phone lines of AT&T and its customers, including some in the U.S., resulting in $2 million in losses to the telecom giant.

Not only that, but the hackers were funded by the same terror cell that backed the 2008 terror attacks in Mumbai, India, according to the Philippine National Police.

AT&T, for its part, affirms that it paid out some money to cover charges the hackers racked up on its customers bills, but the company won’t say how much, and vehemently denies that its own phone systems were hacked.

“AT&T’s network was neither targeted nor breached by the hackers, although the phone systems of a number of businesses, including some of our customers, were,” wrote AT&T spokesman Mark Siegel in an email to TPM. “AT&T only assisted law enforcement in the investigation that led to the arrest of the group of hackers.”

AT&T last week reported another hacking attempt to affected customers via email, but Siegel said that it was entirely separate from and had nothing to do with the incidents originating in the Philippines.

AT&T’s Siegel further explained the Philippines incident, writing:

We ended up writing off some fraudulent charges that appeared on customers’ bills. And again, AT&T was neither targeted nor breached, so those were the only damages we suffered. We are not commenting on an amount.

Siegel’s note that AT&T itself didn’t suffer any hack attempts, let alone successful hacks, was supported by FBI spokeswoman Jenny Shearer, who told TPM via telephone that “AT&T’s network itself wasn’t targeted.”

But that conflicts with what the Philippine National Police wrote in their news release, noting that the entire operation to arrest the hackers in the first place was catalyzed by a March 2010 complaint from AT&T “regarding the activities of Filipino hackers who hacked the system of AT&T.”

Indeed, the Philippine National Police also clarify that the hackers successfully hacked the “trunk-line (PBX) of different telecommunication companies including the [sic] AT&T.”

A trunk-line for a Private Branch Exchange system (PBX) refers to a single phone line from a telecom company, in this case AT&T, that connects to the system of interconnected phones used by a business. The trunk-line allows those phones to dial out using one line.

As AT&T notes in its own documentation to its PBX customers, “If the PBX system is not maintained and secured, it can be an easy target for those with a mind to commit toll fraud.” The company provides a checklist of security strategies for customers to follow in ensuring their PBX systems remain safe, which includes the advice to “Run periodic security audits to check for loopholes in the PBX (have PBX vendor do this if possible).”

It’s unclear exactly how the hackers’ scam worked, but a source close to the investigation told The Guardian that the hackers infiltrated the PBX systems of AT&T customers and repeatedly called expensive premium dial-rate companies, diverting the payments to their own accounts or accounts of the terror group funding them.

There’s some confusion over just which terror group that is, too. The Philippine National Police announcement claims that it is a Pakistani cell of “Jemaah Islamiyah, a militant Islamic group that has carried out attacks in several countries in Southeast Asia, including the 2005 suicide bombings in Bali.

At the same time, the Philippine National Police say that the cell of this organization has switched its leadership reigns. Previously, the cell was reportedly run by Muhammad Zamir, an Italian who was arrested by the FBI in 2007. Since then, the cell has been commanded by an unnamed “Saudi-national,” according to the National Police announcement.

The announcement also states that it is the FBI that attributes Jemaah Islamiyah to the funding behind the 2008 Mumbai terror attacks, a new accusation, if true, given that the governments of India and Pakistan both agree that a separate Pakistani-based militant group, Lashkar-e-Taiba, was behind the attacks.

FBI spokeswoman Jenny Shearer told TPM the agency could not comment specifically on the Philippine National Police’s announcement, but confirmed the arrests were part of a larger, ongoing investigation that was being treated “a phone hacking case,” not a terror case. Shearer said that the FBI was working with authorities in the Philippines on the investigation and said that “as facts are uncovered appropriate actions will be undertaken.”

Latest Idealab
Comments
Masthead Masthead
Founder & Editor-in-Chief:
Executive Editor:
Managing Editor:
Associate Editor:
Editor at Large:
General Counsel:
Publisher:
Head of Product:
Director of Technology:
Associate Publisher:
Front End Developer:
Senior Designer: