BT's war on hackers cuts defacements

British Telecom has reported a significant reduction in the number of defacement attacks against its websites, following an...

British Telecom has reported a significant reduction in the number of defacement attacks against its websites, following an aggressive campaign to track down and arrest computer hackers.

The campaign by BT's computer emergency response team - one of only six crack IT security teams in the UK - has led to 37 arrests over the past three years and the seizure of thousands of pounds worth of computer equipment.

BT believes news of the crackdown spreading through the hacker community contributed to the number of graffiti attacks experienced by the company falling from 37 in 1999 to 11 in 2002.

"We were probably getting one or two defacements a month. It was irritating. It was not good for our image. Then there was the time and effort required to restore the site, finding out how the person got in and the type of the attack," said Martin Roberts, BT's group security director.

BT began using internal security expertise to identify and trace the people responsible for the attacks, following concerns that web defacements could damage the company's image.

It has uncovered several international networks of hackers who are using the internet to exchange information and boast about their achievements.

"We went out and, with the support of the police, we would go to people's houses. Quite often we would find the mother and father downstairs and a teenager upstairs. They were nearly all young men, very few women," said Roberts, speaking at the Protecting Critical Infrastructure Conference last week.

Although police charged some of the youngsters, most were let off with a caution after having their computer equipment confiscated. BT discovered that confiscation was the most effective deterrent to further attacks.

"Word quickly went around the hacker community that if you had a go at BT, police seized your equipment and retained it. That is important. We have seen the numbers drop over the past few years," said Roberts.

The company runs more than 100 firewalls, which block 14 million attempted network incursions from viruses and other threats every month, Roberts said.

The firewalls were able to halt the onslaught of the Code Red worm last year and the Slammer worm earlier this month, with only minor problems experienced on one or two servers.

BT is running awareness campaigns throughout the business to promote the message that good security strengthens the brand.

Read more on IT risk management