A reported ransomware attack that affected the online live streams of Cox Media Group television and radio stations across the country entered its sixth day without a resolution on Wednesday, with no apparent end in sight.

Cox Media owns 33 TV stations in 20 markets, 65 radio stations in 11 markets and several multi-platform streaming video and digital platforms. The TV stations, in markets like Boston; Pittsburgh; Dayton, Ohio; Seattle; and Tulsa, Oklahoma are a mixture of major network affiliates like ABC, Fox, CBS, NBC and My Network TV and independents. Beginning on June 3, live online streams of its TV and radio station programming began to be affected.

According to Inside Radio, the attack was centered on internal networks and live streaming capabilities such as web streams and mobile apps at the Cox Media properties. Websites for the stations and most programming remained unharmed, but according to Inside Radio some live stream programming and newscasts had to be canceled. 

Inside Radio said Tuesday that the online feed for one Cox Media Group radio station (Atlanta's WSB-WSBB (750/95.5) returned to its desktop player and mobile app on Friday (June 4), but was down again on June 8.  A check of the station online on Wednesday afternoon showed that WSB-WSBB was back online. But other radio stations like Jacksonville, Florida ESPN Radio affiliate WOKV 690 were still offline. 

In addition, Cox Media Group’s corporate website also was inaccessible Wednesday. 

The attack apparently didn’t affect traditional broadcast or pay TV feeds for the channels. Dish Network, which reached a carriage deal with Cox Media for about 14 channels in December, said it experienced no issues with the broadcaster.

A check of its station websites on Wednesday, June 9 showed that the live feeds were still being affected. Charlotte, South Carolina ABC affiliate WSOC-TV,  Dayton, Ohio CBS affiliate WHIO-TV and Tulsa, Oklahoma Fox affiliate KOKI-TV posted disclaimers on their websites that live streams were currently unavailable and that the stations were “working diligently to bring it back online.” Other stations, like Orlando, Florida ABC affiliate WFTV offered partial feeds of past newscasts on their websites. 

Cox Media Group did not return repeated requests for comment.

Ransomware attacks have been on the upswing and the U.S. government warned last week that companies should be diligent in trying to prevent them. After energy company Colonial Pipeline paid $4.4 million to stop a ransomware attack that shutdown its East Coast operations for a few days in May, the U.S. Dept. of Justice said it has recovered about $2.3 million of those funds. 

Senators from both sides of the aisle expressed their concerns to Twitter Thursday (July 16) following reports of a massive bitcoin-related hack that affected high-profile accounts from Bill Gates to Joe Biden. 

Reportedly, the accounts were hacked to send tweets to followers asking them to donate to a cryptocurrency account. 

"I understand that Twitter is investigating the matter and has taken steps to remove the offending tweets," Sen. Roger Wicker (R-Miss.), chairman of the Commerce Committee, said in a letter to Twitter CEO Jack Dorsey. "But it cannot be overstated how troubling this incident is, both in its effects and in the apparent failure of Twitter’s internal controls to prevent it." 

“I’m extremely troubled by this hack of Twitter accounts,” said Sen. Ed Markey (D-Mass.) one of Congress' longest and strongest voices for consumer privacy. “While this scheme appears financially motivated and, as a result, presents a threat to Twitter users, imagine if these bad actors had a different intent to use powerful voices to spread disinformation to potentially interfere with our elections, disrupt the stock market, or upset our international relations," he said in a statement. "That is why Twitter must fully disclose what happened and what it is doing to ensure this never happens again. This hack also make clear how essential it is that we establish strong cybersecurity standards to protect Americans’ from scams, misinformation, and data theft online.” 

Wicker agrees with the potential for such hacks to extend beyond stealing. "It is not difficult to imagine future attacks being used to spread disinformation or otherwise sow discord through high-profile accounts, particularly through those of world leaders," he told Dorsey. 

In the wake of the hack, Fight for the Future has launched a campaign to get the company to implement default end-to-end encryption on its Direct Messages (DMs), though it was not clear whether the hack extended to DMs.

An alleged member of The Dark Overlord hacking group has been extradited from the United Kingdom to St. Louis to face charges. 

That is according to the Justice Department, which secured an indictment of Nathan Wyatt before a federal grand jury in 2017. 

Wyatt was arraigned Dec. 18 in the Eastern District of Missouri. He pleaded not guilty and was detained pending further proceedings. 

That six-count indictment comprised one count of conspiracy, two counts of aggravated identify theft, and three counts of threatening to damage a protected computer. 

As a member of The Dark Overlord, Wyatt was implicated in remotely accessing computer networks of multiple U.S. companies without authorization, stealing sensitive records and info and threatening to release it unless they paid a bitcoin ransom. 

Wyatt was accused of creating email and phone accounts used to make those extortionate threats. 

“Today’s extradition shows that the hackers hiding behind The Dark Overlord moniker will be held accountable for their alleged extortion of American companies,” said Assistant Attorney General Brian A. Benczkowski of DOJ's Criminal Division, in a statement. “We are thankful for the close cooperation of our partners in the United Kingdom in ensuring that the defendant will face justice in U.S. court.”

Amid the massive launch last week for Disney+ that saw more than 10 million users sign up for the subscription streaming service in its first 36 hours on the market, hackers have reportedly stolen “thousands” of accounts and put them up for sale on the Dark Web.

According to ZDNet, many users have tried to log into their Disney+ account, only to find that their account credentials have been changed, and that they are locked out.

Indeed, MCN found a number of complaints about stolen Disney+ accounts on Reddit and Twitter.

“Both email and password and my main profile photo and name were changed... super frustrated!!! I can’t get through to them,” read one complaint on Reddit.

Further corroborating ZDNet’s report, the BBC found several accounts posted for sale on the Dark Web, one for as little as $3. Note that the subscription service costs $6.99 a month.

For their part, Disney reps said there has been no indication of a security breach, and that incidents might have spawned from previous compromises of customer security information.

“Disney takes the privacy and security of our users’ data very seriously and there is no indication of a security breach on Disney+,” a company statement read. 

Devices consumers use to pirate digital copies and live streams of TV shows and movies appear also to be allowing for the theft of their owners' data in that Faustian bargain.

That is according to a nine-month probe by the Digital Citizens Alliance, which said that jailbroken Fire TV sticks and Kodi Boxes are being used by hackers to steal user names and passwords and breach networks.

The group has been hammering on the pirate-hacking connection for some time, producing a slick video last year to try and educate the public.

A study by bandwidth tracker Sandvine last year suggested that as much as 6% of all homes in North America had a Kodi open source media player in some form of content piracy mode.

Related: Fully Loaded Kodi Boxes Becoming Bigger Piracy Threat

The alliance has published its findings in a new report, Fishing in the Piracy Stream: Howthe Dark Web of Entertainment is Exposing Consumers to Harm. One harm is that users of piracy devices and apps are six times more likely to report issues with Malware, the alliance said.

“What the investigation shows is that as piracy shifts from websites and downloads to devices and apps, hackers are adapting and finding new ways to exploit consumers,” said Tom Galvin, executive director of Digital Citizens. “Consumers think these devices are like an Apple TV or Roku device, but they have a distinct difference: they have little to no incentive to protect their users. In other words, they are perfect for hackers.”

Related: Digital Citizens Alliance Warns of Pirate Facilitators

The group says its investigation, conducted in conjunction with cybersecurity firm Dark Wolfe Consulting, also uncovered a scheme to monetize stolen Netflix accounts.

Among the findings of the investigation were:

• Researchers found malware pre-loaded on apps used to illegally watch movies, sports, and other content

• Malware in the illicit ad-supported streaming app 'Mobdro' "forwarded the researcher’s WiFi network name and password to a server that appeared to be in Indonesia."

• That Malware "uploaded, without permission, 1.5 terabytes of data from the researcher’s device."

• Users of the illicit devices are abetting hackers by enabling them to bypass network security when the devices are connected directly to a home network.

• A scheme enabled "criminals" to pose as streaming sites, like Netflix, to gain illegal access to a legitimate subscription.

Among the alliance's proposed action items in the face of that hacking threat is for 1) consumer protection agencies--like the Federal Trade Commission, which has vowed to crack down on privacy violations--to warn consumers about the risks of illicit devices; 2) law enforcement to investigate and prosecute; and 3) digital marketplaces--eBay, Craigslist, Facebook--to ban the devices.

The alliance claims among its supporters, "health, pharmaceutical, and creative industries," the last which are obviously most affected by the aforementioned content piracy.

An online security expert has found yet more ways for malicious individuals to obtain sensitive information on Comcast subscribers using the company’s online customer service portal.

As first reported by Buzzfeed, cyber-security engineer Ryan Stephenson--a self-described “penetration tester”—has found two more ways a hacker could exploit Comcast customer-facing websites. It’s at least the second time in the last three months that Stephenson has found a breach in a Comcast portal, before going to the press about it.

In his latest discovery, Stephenson found one flaw on Comcast’s Xfinity in-home authentication page, which lets customers pay bills without entering their username and password, given that they’re connecting with their own IP address. Stephenson determined that a hacker could obtain a customer’s IP address, then derive partial home address info for the user.

Comcast is now requiring customers to authenticate, even though they’re in their bed or living room.

Related: Comcast Confirms Deactivation of Congestion Management System

The other exposed vulnerability involves Comcast’s authorized dealer sign-up page. If a hacker could obtain a customer’s billing address, they could use this tool to also illicitly obtain the last four digits of the subscriber’s Social Security number, the security consultant found.

“We quickly investigated these issues and within hours we blocked both vulnerabilities, eliminating the ability to conduct the actions described by these researchers,” Comcast said in a statement. “We take our customers’ security very seriously, and we have no reason to believe these vulnerabilities were ever used against Comcast customers outside of the research described in this report.”

The cable company continues to reconcile customer demand to make online tools intuitive and easy to use with the efforts of at least one notable online security guru, determined to find every conceivable way possible to exploit the cable company’s portals.

In May, for example, Stephenson discovered a means to use a Comcast online portal for router configuration to illicitly obtain home address info, as well as Wi-Fi network names and passwords, then reported to ZDNet.

And in June, ZDNet reported on a tip from anonymous security expert, showing that an API used by Comcast could be “tricked” into returning customer data, including account numbers and home addresses. 

The Justice Department said Wednesday (March 15) that it has indicted two members of the Russian Federal Security Service (FSB), the successor to the KGB, an intelligence agency of the Russian Federation, and two outside hackers, in the theft of about 500 million Yahoo accounts in 2014.

The two Russian officials, Dmitry Dokuchaev and Igor Sushchin, "protected, directed, facilitated and paid criminal hackers [Alexsey Belan and Karim Baratov] to collect information through computer intrusions in the United States and elsewhere," the Justice Department said.

“Cyber crime poses a significant threat to our nation’s security and prosperity, and this is one of the largest data breaches in history,” said Attorney General Jeff Sessions in announcing the multicount indictment by a grand jury of the Northern District of California. “But thanks to the tireless efforts of U.S. prosecutors and investigators, as well as our Canadian partners, today we have identified four individuals, including two Russian FSB officers, responsible for unauthorized access to millions of users’ accounts. The United States will vigorously investigate and prosecute the people behind such attacks to the fullest extent of the law.”

"People rightly expect that their communications through Silicon Valley internet providers will remain private, unless lawful authority provides otherwise," said U.S. Attorney Brian Stretch for the Northern District of California. "“Working closely with Yahoo and Google, Department of Justice lawyers and the FBI were able to identify and expose the hackers responsible for the conduct described today, without unduly intruding into the privacy of the accounts that were stolen. We commend Yahoo and Google for providing exemplary cooperation while zealously protecting their users’ privacy.”

The indictment comes as members of Congress are looking into both that hack, another Yahoo! breach and allegations the Russians hacked Democrats' email accounts to influence the 2016 election.

Yahoo! agreed to cut the price Verizon is paying to buy the company by $350 million in light of its two breaches.

The hackers targeted "accounts of Russian and U.S. government officials, including cybersecurity, diplomatic and military personnel," according to the indictment. In addition, they targeted "Russian journalists; numerous employees of other providers whose networks the conspirators sought to exploit; and employees of financial services and other commercial entities."

Ironically, the FSB unit that the indicted officials worked for is the point of contact for the FBI in Moscow for cybercrime matters.

“This … is … bad.”

The chief information officer at Liberty Global, Veenod Kurup, mouthed those words, mostly to himself, as he saw the Guy Fawkes mask of Anonymous appear in the YouTube video.

It was bad enough that there was an outage in the system, and a big one. Hundreds of thousands of homes and counting — eventually 2.2 million, or nearly two of every three of Liberty’s Netherlands broadband subscribers — were now essentially unplugged.

Worse, the cause wasn’t a late summer storm or a lightning strike, but something far more devious: a breach in the company’s cyber defenses through an overwhelming distributed denial-of-service (DDoS) attack on company servers.

Transfixed by the video, Kurup and other executives realized the unfolding tech nightmare was getting worse. It appeared to be the sinister work of Anonymous, the infamous global Internet vigilante group known for ferocious attacks.

The Liberty executives listened in disbelief in their offices near Amsterdam as the eerie synthesizer-distorted voice on the screen explained how the next attacks would be even harsher. The target: Liberty Global’s newly acquired Ziggo operations in the Netherlands.

The audio ended with a version of the group’s signature coda: “We are Anonymous. We are legion. We do not forget. We do not forgive. F---k your bad services. Expect us.”

When it ended, the room fell silent for a second.

Over the ensuing 72 hours of August 2015, a bizarre chain of events would leave Liberty executives flummoxed, and forever wary. The crisis would embroil an eclectic set of characters, including frazzled cable engineers, detectives with the Dutch Police’s High-Tech Crime Unit, cyber gumshoes at the National Cyber Security Centre, the digital vigilante group known as Anonymous, copycat hackers looking for Internet glory and the true perpetrators, who briefly evaded authorities despite their crude methods.

In bringing down Liberty Global’s Ziggo network, the criminals and the manhunt to capture them yielded some crucial lessons for the many media companies — indeed, any major industrial concern — that will inevitably confront this insidious peril of the Internet Age: that they will be victimized by a hacker or attacker hell-bent on stealing data, demanding money or bringing the system down.

Hacking is big business, and it’s getting bigger. Cybercrime inflicts annual costs to the global economy exceeding $400 billion, according to a study by the Center for Strategic and International Studies, sponsored by cybersecurity firm McAfee. Costs could reach up to $2.1 trillion globally by 2019, according to Juniper Research. Other estimates put the figure at a mind-boggling $6 trillion within five years, including lost productivity, fraud and post-attack disruption.

Cable operators and other ISPs rarely speak about cybercrime for fear of inadvertently revealing network vulnerabilities, but given the widespread, mostly unauthorized revelations about the Netherlands cyberattack, Liberty executives agreed to share limited details to clarify the episode.

Sometimes a breach occurs for all the wrong reasons. A company can do all the right things, create the best safeguards and vigorously review security, but may overlook a tiny flaw in the system.

Liberty’s network, like that of many ISPs, is attacked constantly in a variety of ways (see chart), but the attempts are kept at bay with increasingly sophisticated safeguards. Though outages at big ISPs from hackers are rare, the odds continue to grow in the hackers’ favor as digital commerce and cloud computing thrive. Wireless operations are, in many ways, even more vulnerable.

Evolving prevention and detection strategies are as elaborate as they are endless: “honeypots,” for example, are computer systems set up to act as a decoy to lure cyber-attackers and study their methods. Liberty had long ago implemented a holistic approach to security beyond just firewalls, with a 24-hour monitoring team in a global security operations center. Highly trained executives followed a thoughtful crisis-management process. Recent upgrades had already reduced malware infection rates by 25% since January 2015. With a comprehensive plan backed by best practices, the network security team was comfortable the company could withstand most cyber attacks.

THE ATTACK BEGINS

But last summer, a rupture suddenly and quietly appeared in the front lines. And like all successful attacks, the intruders caught the fortress completely by surprise. It was as if the cable giant had built reinforced steel walls with spotlights and guard dogs in front of the house and then left a window open in the new annex out back.

Around 9:30 pm on Tuesday, Aug. 18, Liberty technicians got word that Ziggo, an incumbent cable operator acquired by Liberty months earlier, was reporting outages.

Ziggo had only just begun the process of integrating its system into Liberty’s, but no matter: Liberty owned them now and complaints were lighting up call centers by the thousands. In just hours, hundreds of thousands of customers would be without broadband services.

Ziggo and Liberty engineers quickly huddled on a conference call to determine the cause of the outage. More often than not, the problem can be traced to an equipment failure. Not this time. Within an hour, the engineers, because of the mushrooming volume of outages, quickly realized Ziggo was under a distributed denial of service (DDOS) attack. This was a Priority 1 incident.

Liberty Global’s chief technology officer, Balan Nair, knew reaction time was critical. “The key to solving all this is a function of how quickly you react initially and how good your team is,” he said. “Up and down the ladder, everyone was taking this very seriously. They were burning the midnight oil on this.”

A distributed denial-of-service attack typically floods a company’s network by inundating it with connection requests, leaving the targeted server overwhelmed, a lot like Lucy at the chocolate factory, frozen by its inability to keep pace with commands. Often the culprit is using an army of hijacked Web browsers or malware-infected computers, or botnets. According to a report by TrendMicro Research, $150 can buy a week-long DDoS attack on the black market.

Indeed, DDOS attacks are common — Liberty, like many cable operators, fends off up to 10 Gigabits of DDOS attacks — per day. This particular attack targeted DNS servers, which redirect domain names to correct IP addresses. Social media chatter about the outage began building — for those that could still get online.

Social media, in fact, supplied the first clues to identifying the perpetrator. Several groups began to claim credit via Twitter. Then came the YouTube video. As it played against a still photo of a Guy Fawkes mask, the synthesized voice began its threat:

“We, Anonymous, have a message to company Ziggo … now we’re going to hold Ziggo offline for a few days because Ziggo offers bad service. This is the last warning. We are Anonymous. We not forgive. We do not forget. F---k your bad services. We are Legion. Expect us.”

Recalls Kurup: “That shook us to the bone.”

The nature of a DDOS attack is that it ebbs and flows, and by 5 a.m. on Aug. 19, several hours after the first thrust, the attack seemed to ebb with the countermeasures of Ziggo and Liberty engineers. Liberty executives breathed a moment of relief: Customers could be back online when they awoke.

The DDOS attack had not been so unique or complex, so why had the network become so suddenly vulnerable?

While the tech teams were puzzled at first, they soon realized the cause. Despite defenses that Liberty Global had in place, the firewalls in front of newly acquired Ziggo’s DNS servers had not been set up according to Liberty Global standards, and had collapsed. Firewalls prevent routine unauthorized access, but not the kind of voluminous attacks of the sort that targeted Ziggo.

Moreover, the attackers had caught Liberty at its weakest moment — in the middle of migrating an entire network. As the DDoS attack ebbed, Liberty and Ziggo engineers were left chewing on a tough question: how to instantly migrate Ziggo’s network into Liberty’s — usually a months-long task with tests, changes and documentation required — in one day.

The engineers hatched an audacious scheme. Senior managers, confident the team could execute, approved the plan instantly.

“They said, ‘You know what you need to do — do it,’ ” said Kick Fronenbroek, a senior security specialist for Liberty Global.

At some point on the second day, another threatening YouTube video surfaced. This one was more specific, and raised questions about the attacker’s true identity. Posted by someone ominously dubbed “AnonNazi,” it featured a crudely drawn, green, animated, hooded character with a synthesized voice, emblazoned with a banner with swastika icons.

The voice claimed full credit for the earlier attack, dismissing Anonymous. “Some other people are claiming it was Anonymous, but it was not. We attacked the DNS service because of the bad service that Ziggo provides …” AnonNazi boasted.

His next utterances were pointed.

“Because of bad service we want you to pay all of the customers all of their money back for about one week. If you don’t accept this, we will continue with more powerful attacks,” the voice threatened. “You have been warned.”

The question burning on everyone’s mind: if this wasn’t the real Anonymous, who in the hell had just brought down service to nearly 2 million homes? Executives at Ziggo and Liberty were baffled.

Around 4 p.m. on that second day, Aug. 19 — after the first attack, and before the migration of the network — there was another, more ferocious assault using a different entry method.

Again, consumers and businesses across the country were digitally stranded with no broadband service. In just 24 hours, the national network had absorbed two unprecedented cyberattacks. “We had outages before, but this is the first big one we had,” Kurup said. “Nothing like it before.”

That roughly 2 million customers were without broadband (TV service worked fine) was enough. But the self-proclaimed attackers, AnonNazi, took to social media to pour salt in the wound: Liberty stood helpless — for the moment — as a second wave of digital torpedoes directed by the same hackers penetrated the bulkheads.

“We now understand the weakness, but we also see that the system is allowing it to happen,” Kurup said. “We knew we could fix this problem.”

The crisis was escalating. On YouTube, Ziggo was threatened with new attacks. At the same time, the attackers announced a new target, KPN, a Dutch telecommunications company.

The Dutch Ministry of Security and Justice called the attack “serious,” and Liberty executives called in the High-Tech Crime Unit of the Dutch Police Services Agency.

A growing team of technicians were tackling the DDOS attack, and by the evening on the second day, had counteracted the menace of the incoming traffic. The traffic issue was becoming more manageable.

By about 3 a.m. on Aug. 20 — about 50 hours into the attacks — engineers had redirected the flow of traffic, essentially by offloading it to island data centers.

Working around the clock, the teams had finally migrated the network and successfully updated defenses. All mitigation steps in Liberty’s elaborate security protocol were in place. Engineers at Ziggo and Liberty were content for the moment. The back window was shut.

Although the attackers had managed to inflict inconvenience, the company had reason to be proud of how it battled back. Its fast reaction preserved customers’ data and privacy, and minimized downtime for countless business and residential subscribers. An endto- end security plan made the attack manageable. And the incident left Liberty’s security team with invaluable battlefield experience.

As Liberty stated in its annual report, “the overload impacted 2.2 million customers, yet within 24 hours, our teams were moving 130,000 customers per hour to more resilient infrastructure. Two days later, full service was restored.”

Liberty now was intent on winning the war. Fearing further attacks as a result of the threats hurled over YouTube, Liberty didn’t just drop the matter, as many corporate hacking victims do. The company pressed a criminal investigation, beginning a cat and mouse game to track down the culprits, while bracing for more attacks.

But a strange thing happened — nothing.

Much to the bewilderment (and relief) of executives, no large-scale DDoS hacking attempts were detected in the system. The threatened deadline came and went. Ironically, the hacker’s inaction provided a major clue.

Serious hackers, not to mention ransomware, vow a certain time for an attack — and stick to it. That this code was not honored virtually confirmed suspicions that Anonymous wasn’t behind the attack.

A subsequent Twitter post by AnonOps, which claims to have ties to the actual group, echoed many social-media commenters: “DDoS on #Ziggo is not an #Anonymous operation.”

HACKER VS. HACKER

Then the manhunt took a bizarre turn for investigators: the groups claiming credit for the attack began to insult and threaten one another on social media.

Some dismissed the poster AnonNazi as a pretender. Another self-proclaimed hacker, AnonymousScruggs, claimed credit for the attacks on Ziggo.

“They were having turf wars,” said John Fokker, who, with Ton Maas led the digital team for the High Tech Crime Unit of the Dutch National Police. “Most [professional hackers] are discreet about how they approach the company. They don’t have a beef on Twitter.”

Days later, on Aug. 26, a video narrated by the synthesized voice of a faint image, hooded and tinted purple, and posted by “Code Red,” drew Liberty’s attention:

The hackers began to “dox” one another, an attack wherein all of a target’s personal documents (email addresses, phone numbers and bank accounts) are released on the Internet. On the Twitter account of AnonNazi, a post read simply, “This account has been compromised by @BOEFII.”

Said another post by @BOEFII under a story about the attack on a media website in the Netherlands:

“I would like to thank everyone who participated in helping me to dox every single person from Anon_Nazi. They are destroyed and they will never cause any harm to Ziggo again.”

Had a bunch of glory-hungry hackers claiming credit for the same crime just turned on one another — outing each other in the process?

Top engineers at Liberty were left scratching their heads.

In addition to the police, Liberty called in digital detectives from the National Cyber Security Centre, which collects data and advises organizations on security, and a rapid response team from Deloitte, which focused more on forensics.

Over the next several days, Liberty engineers began turning over discs of data to investigators. Digital detectives scoured social media for clues, conducted interviews and studied logs of interactions between the Liberty/Ziggo servers and outside computers. Investigators searched for patterns and addresses that matched the information they were gathering about the attackers.

As the digital dust settled, Liberty executives reviewed detection and prevention measures all across the Liberty Global footprint. “We had already sanitized the entire system,” said Kurup.

Chasing the digital breadcrumbs, the public claims of credit, and the battle between the hackers, Fokker and Maas moved quickly and made two arrests early on.

Six weeks after the initial attack, on Oct. 7, 2015, Dutch police arrested four minors between 14 and 17 years old and one 21-year-old. The boys come from Berkelland, Lochem, Den Helder, Schoorl and Vinkeveen.

Police seized computers, mobile phones, external hard drives and USB sticks. The young suspects “wanted to show they were capable of having a major effect such as taking down an Internet provider,” the National Prosecutor’s Office said in a statement to Dutch media.

Under Dutch penal code, the suspected hackers face up to two years for the DDoS attack. Because of the extortion threats, they face a maximum of an additional 12 years behind bars. A trial date has not been set, but because of the suspects’ age, leniency will be sought.

Today, the Liberty and Ziggo engineers are sensitive about the incident. “If the same cast of characters had done this anywhere else in our global footprint — Germany, France, Belgium — it wouldn’t have even caused an outage,” said Kurup. “We would have intercepted it. It would have been logged as a routine attack.”

Kurup hopes the apprehension of the hackers, which made big headlines in the Netherlands, deters others. But no matter — the incident has made the entire company more vigilant, and that’s a good thing.

“It’s a constant battle,” Kurup said.

STATE of CYBERSECURITY

500M

Number of accounts that Yahoo said hackers had accessed containing passwords and personal details in 2016.

SOURCE : Yahoo

129%

Increase in DDoS attacks in Q2 2016 vs. Q2 2015

SOURCE : Akamai State of the Internet Security Report, Q2 2016.

45%

Increase in 2015 of detected security incidents over the year before for telecommunications companies.

SOURCE : PWC, The Global State of Information Security Survey 2016. Based on responses of more than 10,000 CEOs, CFOs, CIOs, CISOs, CSOs, VPs, and directors of IT and security practices from 127 countries.

100M

Number of fake tech-support scams blocked by Symantec in 2015, whereby pop-up error alerts steer victims to an 800 number where “tech- support reps” sell services.

SOURCE : Symantec

39%

Percentage of companies that cited “budget” as the biggest barrier to adopting advanced security processes and technology.

SOURCE : Cisco 2015 Security Capabilities Benchmark Study

54%

Percentage of companies that cited malicious software downloads as the leading cause of internal breaches.

SOURCE : Cisco Systems, Security Risk and Trustworthiness Study

93%

Percentage of cases in which it took attackers “minutes or less” to compromise systems. Organizations, meanwhile, took weeks or more to discover that a breach had even occurred — and it was typically customers or law enforcement that sounded the alarm, not their own security measures.

SOURCE : Verizon 2016 Data Breach Investigations Report

65%

Percentage of respondents who collaborate to improve cybersecurity and reduce cyber-risks, up from 50% in 2013.

SOURCE : PWC The Global State of Information Security Survey 2016, based on responses of more than 10,000 CEOs, CFOs, CIOs, CISOs, CSOs, VPs and directors of IT and security practices from 127 countries

HACKING 101: HOW TO GET IN

Cybercrime is any criminal act involving a computer and/or a network. Hacking is the unauthorized access into a computer system. Crimes can take any form, from outright theft of data or funds, damage to a network or harm to a reputation. Increasingly, one of the weakest links in security is the employee. Most attacks on companies involve some sort of malware, a broad term for malicious code, including Trojans, worms and viruses that steal or destroy data, often introduced through emails, downloads or other network weak spots. Some common terms below:

• “Phishing” attempts involve official-looking emails tempting employees to click on a link that can trigger countless malware possibilities. (Spear phishers focus narrowly on a single company or individual.)

• Distributed Denial of Service (DDoS) attackers use multiple hijacked computers to push through a huge volume of traffic through the network until it becomes overwhelmed and no longer functions.

• Botnets, also known as “zombie armies,” are groups of infected computers controlled by third parties for DDoS attacks or for distributing other malware.

• Trojan attacks allow attackers to remotely steal data and manipulate the computer.

• Ransomware demands a ransom after blocking access to the computer by encrypting files on the hard drive.

• Spyware allows attackers to go undetected on infected computers to track users movements on the Internet, even keystrokes for theft of accounts, etc.

• Adware redirects users to unwanted advertising.

• SQL injection inserts a nefarious code in a website/’s entry field that allow attackers to manipulate or steal or destroy data.

Comcast was put on the defensive last week when a security research firm said it found vulnerabilities in the Xfinity Home platform that could let outsiders hack in and wreak havoc.

Philadelphia-based Comcast, which has more than 500,000 Xfinity Home customers, said it is looking into the findings, but noted that its platform uses the same industry-standard systems as other providers. That means it could be an issue for the entire smart home and security sector, not just Comcast.

Rapid7, the company that put out the report, said would-be hackers could easily target the ZigBee-based wireless platform Comcast uses in the 2.4-Gigahertz band, which, Rapid7 claims, can be jammed to block communications between the Xfinity Home hub and other components of the home automation and security system, such as door sensors.

Xfinity Home “does not fail closed with an assumption that an attack is underway,” Rapid7 said. “Instead, the system fails open,” meaning that the sensors would believe that all sensors are intact, all doors are closed and no motion is detected. That improper state can last from anywhere from several minutes to three hours, it said.

There are a number of techniques available to cause interference or deauthenticate the underlying ZigBee-based communications protocol, Rapid7 said, including commonplace radio-jamming equipment.

“By creating a failure condition in the 2.4-GHz radio frequency band, the Comcast Xfinity Home Security System fails open, with the base station failing to recognize or alert on a communications failure with the component sensors,” the researchers said. “In addition, sensors take an inordinate amount of time to re-establish communications with the base station, even if their ‘closed’ state is switched to ‘open’ during the failure event.”

There are “no practical mitigations” to resolve the issue, Rapid7 said, holding that it might take a software or firmware update to the base station to determine how much and how long a radio failure condition should be tolerated, and how quickly sensors can re-establish communications with the base station.

Comcast said it will look into the findings, and intends to work with others in the homesecurity and automation sector on ways to handle the situation.

“Our home-security system uses the same advanced, industry-standard technology as the nation’s top home-security providers,” the operator said. “The issue being raised is technology used by all home security systems that use wireless connectivity for door, window and other sensors to communicate.

“We are reviewing this research and will proactively work with other industry partners and major providers to identify possible solutions that could benefit our customers and the industry.”

And it would seem that other systems could also be exposed by similar vulnerabilities.

In 2014, Oak Ridge National Lab and Qualys found similar jamming issues on systems from suppliers such as ADT and Vivint that also rely on radio signals between door and window sensors and control hubs.

The good news is that it’s still a relatively small problem. CNET reported last year that the odds of hackers bypassing a security system remain small enough that the FBI does not track those statistics.

But it’s an issue that will need to be solved as more consumers sign up and install these smart home platforms. The Consumer Technology Association predicts that the smart-home tech sector (including connected thermostats, cameras, smart locks and lighting) will reach 8.9 million units sold in 2016, a 21% increase, alongside $1.2 billion in revenue.

On the heels of the Sony Studios cyber hacking controversy, Syfy announced Monday it will develop an original series that follows the world of high-tech cyber attacks.

The series, Hackers, will be produced in tandem with Relativity Television and will reveal the secrets behind the most infamous cyber-crimes ever committed, according to network officials.

The series will focus on “ripped from the headlines” stories of real-life hackers who turned entire industries upside down through interviews with the actual perpetrators as well as law enforcement agents who tracked them down, according to Syfy.

The series comes amid last month's Sony hacking scandal over the release of the studio's film The Interview. Initially, the studio shelved the film -- which centers on the fictional assassination of North Korean leader Kim-Jong Un --  in the wake of a cyber attack and threats by hackers that the FBI confirmed to be connected to the North Korean dictatorship, although some news outlets are now reporting that the cyber corruption may have eminated from a Sony insider.

The film over the past two weeks has been released via video on demand through several distribution outlets incliuding In Demand, as well as to more than 500 independent theaters.