back to article Met makes fourth TalkTalk arrest, this time a London teen

A 16 year-old boy from London has become the fourth to be arrested in connection with the hacking of British telco TalkTalk. Information is thin on the ground. Detectives from the Metropolitan Police Cyber Crime Unit arrested the boy at his Norwich home on suspicion of Computer Misuse Act offences and he remains in custody. A …

  1. Anonymous Coward
    Anonymous Coward

    Norwich is in London?

    1. VinceH
      Coat

      Well, you know Greater London? Norwich (and the rest of the UK) is in Even Greater London.

    2. Anonymous Coward
      Anonymous Coward

      >>Norwich is in London?

      According to Alan Partridge.

    3. h3nb45h3r
      Trollface

      Only if you're American

      The yoof form London arrested at his house in Norwich.

      The funny thing with people is they mostly have legs which affords them the ability to read....

      The other funny thing is with people is they mostly have eyes and a brain, but this doesn't always afford them the gift of using them in conjunction with each other.....

      1. Anonymous Coward
        Anonymous Coward

        Re: Only if you're American

        I do wonder if this was a cut and paste job from the BBC web site ...

        Police have made a fourth arrest, of a 16-year-old boy, in connection with the investigation into an alleged data theft from TalkTalk.

        He was held on suspicion of Computer Misuse Act offences after officers searched an address in Norwich.

        Police have also arrested and bailed a 16-year-old from London ....

        I believe the Police go with a name and birthday being sufficient to uniquely identify an individual. But even they don't just assume unique identification for two people of the same gender and age.

  2. Alister

    Are all these teenagers actually just contributors to the DDOS - maybe they were amateur users of LOIC?

    It certainly feels like low-hanging fruit is being plucked.

    1. PCS

      Would you prefer that they plucked no fruit at all?

      1. Prst. V.Jeltz Silver badge

        "Would you prefer that they plucked no fruit at all?"

        Well its a bit like arrersting people smoking afghani weed , and claiming youve struck a blow against the taliban.

      2. Teiwaz

        'low hanging fruit'...

        MET certainly like to 'pick up' teenage boys...

        think of blame the children....(seemingly)

    2. Anonymous Coward
      Anonymous Coward

      Is the "Low Orbit Ion Cannon" still in use, that's so last decade.

  3. Anonymous Coward
    Anonymous Coward

    Sniffing around it appears clear that TT was penetrated some time ago, and at some point, 'pros' got involved and emptied what they could. Subsequently the vulnerabilities have become a little more public and the odd script kiddy has been picked up trying it out. I'll bet it will be IP addresses that caught these little rascals, but there will be no evidence of large scale data theft and forwarding.

  4. JimmyPage
    Boffin

    like @Alister

    I have my doubts the people arrested so far are the actual perpetrators. In fact the more 16 year olds arrested, the less likely it is. Quite aside from Finks Fifth Law, I refuse to believe 4 16 year olds could organise their homework diaries, let alone a "sophisticated cyber attack" (c).

    Given how all this has played out, it's entirely possible the entire reason for the hack was to create enough media noise such that phone and email phishing attempts briefly became easier with no actual need to use the accessed data (and thus risk capture).

    When news of a "ransom" was mentioned, I turned my thoughts as to how to extract money from such a situation without ever being caught. Obviously a straight transaction of bitcoin is ultimately identifiable. However, then I wondered, what if the perpetrator legitimately accumulated a stash of bitcoins over time. Undertakes hack. Ransom demand is that the victim simply buys £1,000,000 of bitcoins. I'm not economist, but the spike in demand should heft the value of my *already bought* bitcoins enough that I make a profit. Not the £1,000,000 paid out, but a substantial amount.

  5. Anonymous Coward
    Anonymous Coward

    The government want ISP's to store your browsing history and communications according to the BBC this morning.

    Is there a connection with this hack and the new IPB because it should technically be dead in the water now?

  6. Anonymous Coward
    Anonymous Coward

    When I was 16

    I was scrounging forgotten coins from pay phones and taking empty bottles back to the shop for the deposit money.

    Simple times, no boyhood rights of passage like hacking major telcos..

    1. Anonymous Coward
      Anonymous Coward

      Re: When I was 16

      I was putting card in phone boxes to stop the coins dropping (just before I learned the wonders of pulse and DMTF) and nicking the bottles from the backyard of the shops to return them (which I got a bloody good clout round the ear for when the shopkeeper worked it out)

      How times change. Kids these days, no respect for anyone.

      1. wyatt

        Re: When I was 16

        Sometimes it pisses me off that I wasn't this inventive! Ah well

    2. Anonymous Coward
      Anonymous Coward

      Re: When I was 16

      well back then the cool kids like , RTM , Mitnick , LOD , and various other phreaks were doing just that, but back then it wasnt financially motivated and everyone agreed it all a jolly good jape. mostly. Untill the NSA got a stick up their asses about it circa 1990.

    3. mrfill

      Re: When I was 16

      Small boys in the park...

      ... jumper for goalposts

  7. scrubber
    WTF?

    Arresting the kids...

    ...yet the corporate malfeasance goes completely unpunished.

    1. Anonymous Coward
      Anonymous Coward

      Re: Arresting the kids...

      ...yet the corporate malfeasance goes completely unpunished.

      another "hang the gunmakers, not the shooters" supporter eh?

      1. Anonymous Coward
        Anonymous Coward

        Re: Arresting the kids...

        In this case though, and to stretch the analogy, the gunmakers were leaving the guns in a box tucked not-quite out of view with a sign on it saying "over 18s only" and no other security. I'd stretch it further, but I fear it'd break AND lead onto a discussion about gun control

      2. Nick Ryan Silver badge

        Re: Arresting the kids...

        another "hang the gunmakers, not the shooters" supporter eh?

        I read it that those responsible for the security of the personal data failed miserably in their responsibilities and therefore they should also be investigated in great detail and punished appropriately. Simply blaming the perpetrator, or perpetrators, is not acceptable as we don't live in a trusted, wholly open society therefore there is responsibility for the protection of the personal data that was provided in good faith and legally protected.

        As it's traditional to include real-life metaphors (or is it similes? can never remember) - if you leave your front door wide open and somebody comes in the door and makes off with your property then you have a certain degree of responsibility. While it's true that it needed that somebody to come in, you made it easy through carelessness. Try arguing with your insurance company that it wasn't your fault your car was stolen if you left the keys in the ignition and the door open...

        1. Anonymous Coward
          Anonymous Coward

          Re: Arresting the kids...

          I think a better comparison would be if you lived in a set of flats but the owner of the flats refused to install a door on anyone's flat inside the block of flats, the security guard kept on telling the building owner they should install doors, preferably with locks on each flat, and install cctv in the corridors, and maybe put a key card on the outside door as opposed to a keypad lock where the code to get in was 1234. But they fired the security guard and replaced her with an intern on 3000k a year and removed the keypad so now the door is just hanging open because it broke and replacing it would of eaten into their advertising budget.

          All the while they signed up to a set of rules that kind of suggested they had to secure all properties to an adequate level.

          The fault is about 95% the board of directors.

          1. Anonymous Coward
            Anonymous Coward

            Re: Arresting the kids...

            "...replacing it would of eaten"

            Not again, please! What "of" you been smoking?

  8. Crisp

    How much evidence do they expect to find?

    I'm no criminal mastermind, but I'd have thought that when the news story broke and people started getting arrested, anyone involved would have deleted absolutely everything that could possibly contain any forensic data.

    1. jzl

      Re: How much evidence do they expect to find?

      People like to boast. They probably told people.

  9. CaptainBanjax

    Given the amount

    Of spam you get in a talk talk mailbox id imagine they've been penetrated millions of times.

  10. M7S

    Just out of interest, and accepting that no-one has been charged, let alone convicted

    how would the fact that (so far, to the best of my knowledge) all bar one of those arrested are under 16 affect the views of those proposing to raise the age of criminal responsibility to 16 or even 18? Given the apparent prevalence of teenage offenders in IT related crime, this could lead to an interesting impotence on the part of enforcement authorities if it ever comes about, with consequent issues for the industry as a whole.

    I'm not sure about the effect on any civil claims for damages (e.g. TalkTalk sue the kid for £M), and whether parents or guardians are vicariously liable, assuming the youth's assets amount to little more than a console and a tablet, and possibly some expensive sneakers.

    1. Anonymous Coward
      Anonymous Coward

      Re: Just out of interest, and accepting that no-one has been charged, let alone convicted

      Talk Talk shouldnt be able to sue anyone.

      Regardless of the criminality of the attackers Dildo and her merry team of fuckwitts did absolutely nothing to protect the data.

      The level of wilful negligence on the part of Talk Talk given they have been bent over and data reamed 4 times in 12 months should in itself lead to jail time for its leadership. Once is bad enough, but 4 times really does suggest an inherent structural problem in the company.

  11. Anonymous Coward
    Anonymous Coward

    Okay, they still aren't arresting the people responsible, they shouldn't be too hard to find,

    They're probably in the big office in this building... and one of them keeps appearing on TV

    TalkTalk

    11 Evesham Street

    London

    W11 4AR

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021