Breach, Threat Management, Data Security, Network Security, Vulnerability Management

Police charge hackers with targeting AT&T customers

Filipino authorities say they have busted a terrorist-funded racket that was responsible for hacking telephone networks.

Four individuals -- ranging in age from 21 to 31 -- were charged with hacking the private branch exchange (PBX) systems of telecommunication companies. Specifically, the adversaries targeted AT&T systems and caused some $2 million in losses, according to a statement Thursday from the Philippine National Police's Criminal Investigation and Detection Group.

Police said the suspects had links to a Saudi-based terror group. One of the suspects, Paul Kwan, had been arrested in 2007 as part of an FBI terrorism investigation.

Kwan and three others was funded by Jemaah Islamiyah, an al-Qaida-linked terror network that helped finance the 2008 attacks in Mumbai, according to Filipino police. An FBI spokeswoman did not immediately respond to a request for comment.

"Revenue derived from the hacking activities of the Filipino-based hackers were diverted to the account of the terrorists, who paid the Filipino hackers on a commission basis, via local banks," the police statement said.

Kwan also was among three people indicted in 2009 in New Jersey on charges of hacking into the telephone networks of major businesses so a group of conspirators could offer cheap rates at overseas call centers.

In that case, the hackers broke into the PBX systems of U.S companies. Using the compromised networks of these firms, between October 2005 and December 2008, the attackers were able to place more than $55 million in calls lasting 12 million minutes, authorities said. The victims included the companies whose systems were hijacked and long-distance carriers, such as AT&T, who routed the calls.

In this most recent case, AT&T said it ended up recouping some customers for losses, but it was not a target.

"AT&T's network was neither targeted nor breached by the hackers, although the phone systems of a number of businesses, including some of our customers, were," AT&T spokesman Mark Siegel told SCMagazineUS.com on Monday. "AT&T only assisted law enforcement in the investigation that led to the arrest of the group of hackers."

The bust is unrelated to an "organized" hacking attempt launched against AT&T to obtain information about customer accounts, which was revealed last week.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.