Evil descends on the NBN? Erm, not quite

Great headlines … shame about the reality. Australian Federal Police/AAP

Another day, another hacking exploit makes headlines.

This time it’s a “self-taught, lone hacker”, David Cecil, apparently known online as “Evil”, who allegedly broke into Platform Networks’ site, one of 13 service providers for the National Broadband Network (NBN).

Cecil, from Cowra in New South Wales, has been charged with 48 counts of unauthorised access to, or modification of, restricted data.

He has also been charged with one count of unauthorised modification of data to cause impairment.

He is currently being held in custody and will appear in court again this Friday.

It’s still a little early to understand what exactly “Evil” is accused of doing to Platform Networks’ site but the strategy from the mainstream media has been to equate Platform Networks directly with the NBN.

“Self-taught hacker charged over NBN attack” reports the ABC. “NBN System Compromised” reports the Sydney Morning Herald.

And yet, in a statement this morning, the Australian Federal Police’s (AFP) Cyber Crime Coordinator, Brad Marden, said:

“[These attacks] wouldn’t have had a direct impact on the NBN itself. [Platform Networks] is actually a company that is contracted to the NBN to produce services for them.”

So what’s going on?

Parts of Platform Networks operations may have been compromised, although Platform Networks spokespeople say they notified the AFP as soon as they became aware of the attacks, in December 2010.

The important point, though, is that attacking Platform Networks is not the same as attacking the NBN.

Platform Networks is a Virtual Service Provider that purchases services from other companies and resells them adding additional services such as domain name resolution, web hosting, email and the like.

Among the services the company resells are different forms of network access including ADSL, 3G wireless and, from October this year, access to the NBN.

Evil, an unemployed truck driver who told online friends he had no computer skills, is suspected of mapping Platform Networks’ internal network and may have compromised a domain name server – the device that maps a domain name such as www.theconversation.com to an IP address such as 122.100.15.243.

Loss of domain name services would certainly have inconvenienced Platform Network’s customers, but it is very unlikely the NBN services were ever under threat.

The NBN provides quite low level services. The company responsible for building the NBN – NBN Co – doesn’t care whether their infrastructure is carrying internet traffic or something else.

All the internet services are provided by companies such as Platform Networks.

The interesting thing about this story is not that the NBN may have been under threat or even that someone managed to break into Platform Networks.

Hacking is not that difficult to do. It is much easier to carry out an attack than to defend against them.

What’s interesting is that Platform Networks picked up the hack very early on, had procedures in place to track it, and worked closely with the AFP to gather evidence to bring it to court.

Perhaps the real story will come when details emerge as to how Platform Networks dealt with the hack when it was detected.