Don’t Gamble with your password resets!

Written by Inspired Solutions on 20 June 2018 in Sponsored Article
Sponsored Article

The cautionary tale of the Leicestershire teenager who hacked high-ranking officials of NATO allies shows the need for improved password security

Kane Gamble, the Leicestershire teenager, is the terrifying example of what happens when IT help desk security measures take a disastrously wrong turn.

Gamble was only 15 years old when he waged an eight-month campaign of “cyberterrorism” between June 2015 to February 2016, whereby he gained access and leaked the details of high-ranking foreign intelligence officials and government employees.

By impersonating his multitude of victims while on the phone, he conned call centres and IT help desk employees at international telecommunication companies into divulging confidential information. 

From there, Gamble proceeded to reset passwords and gain access to “extremely sensitive” documents on military operations in Iraq and Afghanistan. Not only did the teenager have unlimited access to secure information, his reign of cyber terror continued after deliberately leaking details of 20,000 security officials and targeting the boss of the foreign country’s spying agency, as well as the ex-director of the foreign country’s home security agency. 

This personal, sensitive information was leaked online to various websites, including WikiLeaks.

The passwords of the ex-deputy director of the country’s home security agency were reset, and he claimed he and his family were bombarded with phone calls, resulting in them getting police protection. 

Gamble used the phone numbers he obtained to call and taunt his victims and their families and take control of their devices, including iPads. 

Evoking fear amongst his victims, the British teenager hacked into the country’s security chief’s home television and made the words ‘I own you’ appear on screen. The wife of the country’s homeland security chief was left a chilling voicemail message asking: “Hi Spooky, am I scaring you?”.

Prosecutor John Lloyd-Jones QC told a sentencing hearing at the Old Bailey: "The group incorrectly have been referred to as hackers. The group, in fact, used something known as social engineering, which involves socially manipulating people – call centres or help desks - into performing acts or divulging confidential information."

With a British teenage boy, who had not yet even sat his GCSEs, being able to gain access to the foreign country’s top-secret government files, the security of passwords and the information delivered by IT help desks has become subject of intense scrutiny and investigation.

Using self-service password reset with multi-factor authentication (i.e. sending a code via SMS) would have prevented all these breaches. 

That’s why major organisations that want to be as secure as possible use ReACT – the leading self-service password reset tool. ReACT can secure all your systems and is the only solution that can secure all three security systems on the mainframe. 

 

Inspired Solutions distributes software in the UK and Ireland. Its portfolio of products addresses the most important areas in the datacentre for both mainframe and distributed platforms.

Share this page

Tags

Categories

Related Articles

Cybercrime picked as key focus for new National Crime Agency chief
19 August 2022

Graeme Biggar has finally been confirmed as the head of the national body after a rerun of the procurement process

New PM will need to act fast to get a handle on risk-management, report finds
28 July 2022

Think tank cites growing cyberthreats and a lack of incentives for policymakers to develop technical skills

Government reveals ambition to drastically reduce cybercrime
21 September 2022

Consultation launched on how to ‘reduce the security burden on citizens’

Cabinet Office to lose one in four staff – but no detail yet on impact for digital agencies
23 August 2022

Jacob Rees Mogg trailed 25% job cuts in a Telegraph article, which unions label as the minister’s latest in a series of ‘increasingly bizarre’ pronouncements

Related Sponsored Articles

Rewiring government: improving outcome management
6 September 2022

Paul Pick-Aluas, Strategy & Transformation, Public Sector at Salesforce, explains how governments can use technology innovation to improve how it can analyse outcomes

Keeping tabs on work-issued mobile activity with Antenna
7 September 2022

How can public sector organisations keep track of calls, texts and instant messages in the world of ultra-flexi, hybrid working? Stuart Williams, CTO at FourNet, and Andrew Bale, EVP at Tango...