The Police Central e-Crime Unit (PCeU) of the Metropolitan Police has arrested a man on suspicion of hacking the website of the UK's largest abortion clinic.
The 27 year old man – who claims to have links to hacktivist group Anonymous – was arrested in Wednesbury, West Midland, in the early hours of this morning (9 March 2012) on suspicion of offences under the Computer Misuse Act.
The arrest was in response to a defacement and data compromise of a website run by the British Pregnancy Advisory Service (BPAS).
Using the pseudonym Pablo Escobar, the hacktivist threatened in a Twitter posting to release the entire database and contract details of women who had used the BPAS.
However, the PCeU said the website contained only general information and no medical or personal
information regarding women who had received treatment at BPAS was obtainable.
"It should be stressed that the stolen data did not contain the medical details of women who had received treatment or why individuals had contacted the BPAS," said detective inspector Mark Raymond of the PCeU.
The BPAS said its website had been hacked into and defaced for a period on 8th March, 2012 in what appeared to be a sophisticated cyber attack by an anti-abortion extremist.
“Around 26,000 attempts to break into our website were made over a six hour period, but the hacker was unable to access any medical or personal information relating to women who had received treatment at BPAS," the organisation said in a statement.
The BPAS website does store details such as names, addresses and phone numbers of people who have requested information, the BPAS said.
Hacktivism is increasingly viewed at a threat that organisations should defend against, but hacktivists should not require any special attention, according to Amichai Shulman, chief technology officer of security firm Imperva.
"Hacktivist attacks are occasional, while criminal attacks are a daily reality for most businesses and other organisations, so they should concentrate on those," Shulman said.
If businesses are prepared for criminal hackers, they should be prepared for hacktivists because unlike criminal hackers, hacktivists tend to use standard tools that are easier to defend against, Shulman told Computer Weekly.
"If organisations are taking care of what matter, hacktivists are not going to be an issue," he said.
The biggest problem, said Shulman, is ignorance of the threat, because it is impossible to defend against something that is not understood.
"Businesses today are under continual attack from cyber criminals, so mitigating against cyber attacks should be part of business as usual," Shulman said.