Teenagers arrested over anti-terrorist hotline jam
Two teenage boys have been arrested in connection with the alleged hacking of the UK's Anti-Terrorist Hotline on Thursday.
The attack in question had been claimed by the TeamPoison hacker group, which previously targeted the United Nations, the Home Office and RIM. A 16-year-old and 17-year-old were arrested at a West Midlands address on Thursday evening and were each charged under the Malicious Communications Act 1988 and the Computer Misuse Act (CMA) 2006.
The boys were actually charged under the CMA twice, with one charge relating to an "unconnected" investigation, the Met's Police Central e-Crime Unit (PCeU) said in a statement. Both remain in custody.
TeamPoison posted a YouTube video on Thursday that apparently contained a recording of anti-terrorist hotline staff, who were discussing the high volume of calls they had been receiving from TeamPoison members in the middle of the week. Hundreds of the calls were made, apparently automatically, and they effectively jammed the hotline.
The group had previously posted recordings of two of the calls. In one, the caller identified himself as TeamPoison member Trick, and claimed to be a 16-year-old named Robert West. The caller appeared to be an American trying to put on a British accent.
"Knowledge is power. We embarrass governments and fuck the police," the caller said, explaining his group's motivation. "OK… your information and everything about what you've got is being passed to the FBI," the hotline staff member replied.
Someone claiming to be Trick also emailed the Press Association to say that the newly-released conversation between anti-terrorist staff members had been recorded via a compromised server in Malaysia.
"The phone denial of service was done via a custom script for Asterisk which was installed on an overseas server," 'Trick' wrote. "The conversation was tapped into via a private phreaking method, their phone system is old and we found a way to get in via basic but private phreaking technique."
Internal systems 'secure'
According to the Guardian, the Metropolitan Police have insisted that its "internal systems" and the hotline itself are secure, and that the conversation had been made by some other means.
"We are satisfied that any recording would have been made via the receiving handset only and not from an attack on internal systems," a Met spokesperson was quoted as saying. "The public can remain confident in the ability to communicate in confidence and that the integrity of the anti-terrorist hotline remains in place."
ZDNet UK asked another Met spokesperson whether, if the conversation was recorded via the "receiving handset" — or Skype, as may have been the case — this may mean that an incoming call had been unwittingly picked up and left running.
The spokesperson neither confirmed nor denied that this was how the recording was made. In the UK, it is legal for one party in a call to record that call without telling the other person, although it is illegal for most people to deliberately record multiple parties who do not know they are being listened in on.
"The incident is being investigated and enquiries continue," the spokesperson said.
At the start of February, the Anonymous hacking collective — with whom TeamPoison had previously teamed up for the Occupy-inspired 'Operation Robin Hood' — published a call between the FBI and Scotland Yard staff. That call had been a discussion of earlier attacks by Anonymous and LulzSec.