The Australian Federal Police (AFP) this morning confirmed a 25-year-old Australian man had been arrested after allegedly hacking into a National Broadband Network wholesale provider’s systems.
The Cowra-based truckie, who goes by the online username ‘Evil’, has purportedly been boasting online about his hacking achievements, which included hacking into NBN wholesale provider Platform Networks’ systems earlier this year.
Discovered in June by the AFP as part of a six-month investigation, it’s believed the man — who taught himself IT — found a ‘compromise’ in Platform Network’s systems which allowed him to freely gain access to their network.
The AFP worked in co-operation with Platform Networks to monitor the man’s movements inside their network before moving yesterday to arrest him, saying they’ll allege in court that the man “could have potentially caused considerable damage to Australia’s national infrastructure.”
Fairfax papers this morning were first to reveal the news, with Platform Networks managing director, David Hooton telling the paper that despite the hacking, “we do whatever we need to do to make sure that our customers are protected.”
The hacker has since been charged with one count of unauthorised modification of data to cause impairment and 48 counts of unauthorised access to, or modification of restricted data, both of which each carry a maximum penalty of 10 years and two years imprisonment respectively.
AFP National Manager for High Tech Crime Operations Neil Gaughan said in a statement this morning that despite having “strong” security in place, the hacking of Platform Networks shows anyone can be susceptible. “While Platform Networks had strong cyber security measures in place, even the best security systems are only as strong as the weakest link – it only takes one user with a weak password to put an entire network at risk,” he said.
“The Australian public should take this as a reminder that cyber safety is of crucial importance in the online environment.” The AFP also believe “hundreds” of other local and overseas servers may also be vulnerable or compromised.