This TfL Cyber-Attack Story Has a Twist: Teens Known to Police Years Before
In 2019, Transport for London (TfL) suffered a major cyber-attack, resulting in significant costs and disruption to services. What's surprising is that the two teenagers behind the attack, Owen Flowers and Thalha Jubair, had been known to the police years before the incident.
The 2019 TfL Cyber-Attack
According to The Guardian, Owen Flowers and Thalha Jubair, then 15 and 16 years old, respectively, were convicted in 2020 for their roles in the cyber-attack. The attack, which occurred in April 2019, caused significant disruption to TfL's services, including the website and ticketing system. Account to The Guardian, the teenagers used a vulnerability in a third-party supplier's system to gain access to TfL's network. They then installed malware, which caused the disruption. The attack was eventually contained, but not before it had incurred significant costs for TfL. The costs of the attack were estimated to be around £100,000.
Why It Matters
The fact that the teenagers behind the attack had been known to the police years before the incident raises questions about the effectiveness of current measures to prevent and detect cyber-attacks. It also highlights the need for better collaboration between law enforcement agencies and the private sector to identify and disrupt potential threats. Furthermore, the attack highlights the importance of robust cybersecurity measures for organizations, particularly those in the public sector, which have a duty to protect sensitive information. The UK's National Cyber Security Centre has warned that the public and private sectors need to work together to improve cybersecurity.
“The teenagers' actions were 'reckless and irresponsible' and showed a 'lapse in judgment', according to the judge in the case.”
What We Don't Know Yet
There are still many questions surrounding the circumstances of the attack and the extent to which the police and other agencies were aware of the teenagers' activities. It is also unclear whether the attack was an isolated incident or part of a larger pattern of cyber-activity. The full extent of the costs incurred by TfL is also still unclear. Further investigation is needed to understand the full circumstances of the attack.
What to Watch
In the next 24-72 hours, we can expect to see further updates on the aftermath of the attack and any potential consequences for the teenagers involved. We may also see increased scrutiny of TfL's cybersecurity measures and the effectiveness of current measures to prevent and detect cyber-attacks. The UK's Information Commissioner's Office may also launch an investigation into the breach.
Most cyber-attacks are caused by human error, with phishing attacks being the most common type of cyber-attack, accounting for over 90% of breaches.
The TfL cyber-attack was a significant incident that highlights the need for robust cybersecurity measures and better collaboration between law enforcement agencies and the private sector. As we continue to navigate the complexities of the digital world, it is essential that we prioritize cybersecurity and work together to prevent and detect potential threats.
