NBN Co, the company responsible for building the network on mainland Australia, is being urged to review its security after the arrest of a hacker who has been accused of penetrating the network of one of the suppliers.
According to The Australian, AusCERT is having concerns that NBN Co was treating the network’s security as an extra add-on.
“Generally, in a security sense, if it’s not incorporated into the architecture of the design – if it’s an add-on after the event – it’s a catch-up,” general manager Graham Ingram told the newspaper. “I think there are still some elements in the NBN who think that they move (data) packets and they don’t really care what’s in the packets.”
The news comes after the arrest of “Evil”, the alias of 25-year-old David Cecil, by the police. He is alleged to have hacked into Platform Networks, one of 13 companies that are offering services under the NBN on the first-release sites. He is also reported to have had control of the entire system for six weeks.
He is facing 10 years in jail if found guilty of unauthorised modification of data to cause impairment and 48 counts of unauthorised access to, or modification of, restricted data.
Cecil has been refused bail.