Hacks hacked: how the Sun reported Murdoch's "death"

Groups such as LulzSec have security teams on the run.

News yesterday that the Sun was hacked by LulzSec is just the latest in a long line of impressive hacks, but it again shows how hard it is to protect sites from such sustained, sophisticated attack.

LulzSec , a group of hackers which describes itself as, "a team of entertainment and security experts that specialise in the production of malicious comedic cybermaterials", managed to redirect visitors to the Sun's website yesterday evening to a hoax page falsely reporting that Rupert Murdoch had been found dead.

It's not the first time a major UK newspaper has been hacked. Last April the Daily Telegraph saw its site hacked, apparently by a group angered by that paper's identification of Romanians as "gypsies" (they added a comment to one of paper's web pages that read, "Guess what, gypsies aren't romanians, morons.")

LulzSec was linked to the hacking of Sony's PlayStation Network, a hack thought to be motivated by Sony's legal action against George Hotz for 'jailbreaking' the PlayStation 3 - bypassing the device's security software in order to enable users to run unauthorised software on it. LulzSec has not accepted responsibility for the PSN hack, but it has taken responsibility for hacking PBS' site and posting a news story saying that deceased rappers Tupac Shakur and Biggie Smalls were actually still alive and living in New Zealand.

Previous LulzSec victims include websites of the Brazilian Government, energy giant Petrobras, Nintendo, Fox.com and even a database of X Factor contestants.

So why are so many websites such easy pickings for groups like LulzSec and Anonymous? There are a number of factors at work. For one, these groups of hackers can draw on just as sophisticated programmers as you will find in the security team at a typical organisation. These are no amateurs.

But the big problem for website security is change. The security systems protecting a website may well be good enough today, but as administrators make changes to the website - adding new features and functionality, disabling old campaigns and so on - they need to be incredibly rigorous about ensuring that the same security technologies, processes and policies remain in place. With large IT teams working on increasingly complicated websites, and often drawing on a mixture of in-house and off-site contactor skills, the potential for an old server or new feature to lack the adequate security mechanisms is high.

It's thought in the case of the Sun's site, LulzSec was able to compromise a "retired" server, which then gave them access to other parts of the News International network. All they had to do then was insert a script into the Sun's homepage that redirected visitors to their hoax page.

It's unlikely this all happened in the space of a few minutes or even hours: it was reported that another hacker group, Anonymous, had been 'rattling the Sun's doorknobs' for at least a week - finding vulnerabilities that could be used in a later exploit.

As I've said before, right now, the bad guys are winning. Their sophisticated, prolonged attacks on carefully-chosen targets are nothing like the one-off, individually-perpetrated and largely opportunistic attacks that we used to see.

As Eric Howes, research manager at security technology lab GFI Labs said recently when I asked if he believes the "bad guys" are winning, "I would have to say the bad guys are doing pretty well for themselves. We hope to be able to turn that around, but I would hesitate to make a prediction as to exactly when."

Jason Stamper is NS technology correspondent and editor of Computer Business Review

Jason Stamper is editor of Computer Business Review

Getty
Show Hide image

Debunking Boris Johnson's claim that energy bills will be lower if we leave the EU

Why the Brexiteers' energy policy is less power to the people and more electric shock.

Boris Johnson and Michael Gove have promised that they will end VAT on domestic energy bills if the country votes to leave in the EU referendum. This would save Britain £2bn, or "over £60" per household, they claimed in The Sun this morning.

They are right that this is not something that could be done without leaving the Union. But is such a promise responsible? Might Brexit in fact cost us much more in increased energy bills than an end to VAT could ever hope to save? Quite probably.

Let’s do the maths...

In 2014, the latest year for which figures are available, the UK imported 46 per cent of our total energy supply. Over 20 other countries helped us keep our lights on, from Russian coal to Norwegian gas. And according to Energy Secretary Amber Rudd, this trend is only set to continue (regardless of the potential for domestic fracking), thanks to our declining reserves of North Sea gas and oil.


Click to enlarge.

The reliance on imports makes the UK highly vulnerable to fluctuations in the value of the pound: the lower its value, the more we have to pay for anything we import. This is a situation that could spell disaster in the case of a Brexit, with the Treasury estimating that a vote to leave could cause the pound to fall by 12 per cent.

So what does this mean for our energy bills? According to December’s figures from the Office of National Statistics, the average UK household spends £25.80 a week on gas, electricity and other fuels, which adds up to £35.7bn a year across the UK. And if roughly 45 per cent (£16.4bn) of that amount is based on imports, then a devaluation of the pound could cause their cost to rise 12 per cent – to £18.4bn.

This would represent a 5.6 per cent increase in our total spending on domestic energy, bringing the annual cost up to £37.7bn, and resulting in a £75 a year rise per average household. That’s £11 more than the Brexiteers have promised removing VAT would reduce bills by. 

This is a rough estimate – and adjustments would have to be made to account for the varying exchange rates of the countries we trade with, as well as the proportion of the energy imports that are allocated to domestic use – but it makes a start at holding Johnson and Gove’s latest figures to account.

Here are five other ways in which leaving the EU could risk soaring energy prices:

We would have less control over EU energy policy

A new report from Chatham House argues that the deeply integrated nature of the UK’s energy system means that we couldn’t simply switch-off the  relationship with the EU. “It would be neither possible nor desirable to ‘unplug’ the UK from Europe’s energy networks,” they argue. “A degree of continued adherence to EU market, environmental and governance rules would be inevitable.”

Exclusion from Europe’s Internal Energy Market could have a long-term negative impact

Secretary of State for Energy and Climate Change Amber Rudd said that a Brexit was likely to produce an “electric shock” for UK energy customers – with costs spiralling upwards “by at least half a billion pounds a year”. This claim was based on Vivid Economic’s report for the National Grid, which warned that if Britain was excluded from the IEM, the potential impact “could be up to £500m per year by the early 2020s”.

Brexit could make our energy supply less secure

Rudd has also stressed  the risks to energy security that a vote to Leave could entail. In a speech made last Thursday, she pointed her finger particularly in the direction of Vladamir Putin and his ability to bloc gas supplies to the UK: “As a bloc of 500 million people we have the power to force Putin’s hand. We can coordinate our response to a crisis.”

It could also choke investment into British energy infrastructure

£45bn was invested in Britain’s energy system from elsewhere in the EU in 2014. But the German industrial conglomerate Siemens, who makes hundreds of the turbines used the UK’s offshore windfarms, has warned that Brexit “could make the UK a less attractive place to do business”.

Petrol costs would also rise

The AA has warned that leaving the EU could cause petrol prices to rise by as much 19p a litre. That’s an extra £10 every time you fill up the family car. More cautious estimates, such as that from the RAC, still see pump prices rising by £2 per tank.

The EU is an invaluable ally in the fight against Climate Change

At a speech at a solar farm in Lincolnshire last Friday, Jeremy Corbyn argued that the need for co-orinated energy policy is now greater than ever “Climate change is one of the greatest fights of our generation and, at a time when the Government has scrapped funding for green projects, it is vital that we remain in the EU so we can keep accessing valuable funding streams to protect our environment.”

Corbyn’s statement builds upon those made by Green Party MEP, Keith Taylor, whose consultations with research groups have stressed the importance of maintaining the EU’s energy efficiency directive: “Outside the EU, the government’s zeal for deregulation will put a kibosh on the progress made on energy efficiency in Britain.”

India Bourke is the New Statesman's editorial assistant.