MWEB BUSINESS: HACKED
MWEB, launched in 1997, became South Africa's leading ISP in 1998. It has established itself as a company that provides a cutting-edge network and service infrastructure and outstanding customer service. Currently, MWEB's customer base of 320,000 includes home users; small, medium, and large business customers; and corporate clients. MWEB won the ISP of the Year award at the MyBroadband Conference in Johannesburg in 2010. The award was based on the performance of its various broadband services as well as on customer satisfaction. Its business division, MWEB Business, was founded in January 1998. MWEB Business prides itself as being a business partner that is perfectly positioned to leverage the power of Web-based technologies in all areas of an organization. MWEB Business helps companies:
• Manage business data in ways that add real value and insight to their operations
• Integrate existing systems with the Internet so as to close the gap between technology, strategy, and the organization's bottom line
• Develop, manage, and maintain solutions that include all aspects of Internet connectivity, Web site development and hosting, broadband and wireless applications, e-commerce, and consulttancy services
• Manage internal information among employees, as well as among business partners and suppliers MWEB has moved forward in publicizing its plans for the South African Internet market. According to MWEB CEO Rudi Jansen, the company needs to improve the quality of their network, which is not only an MWEB problem, but also a Telkom network problem. Despite having a less-than-ideal network infrastructure, MWEB uses AVG Internet Security to offer its customers the best possible security while online. AVG Internet Security offers MWEB customers the following features:
• Identity protection for safe banking and shopping
• LinkScanner for safe surfing and searching
• WebShield for safe social networking, chatting, and downloading
• Antiphishing and antispam for a safe uncluttered inbox
• High-speed antivirus/antispyware software with automatic updates
• An enhanced firewall In addition, MWEB automatically protects customers against junk email and viruses that are sent via email. Its virus filter ensures that only virus-free email is delivered to clients' inboxes by automatically cleaning e-mails from recognized malware sources. MWEB advises its customers to keep their ADSL connections safe from bandwidth theft and account abuse by blocking unsolicited incoming connections to network ports commonly used by hackers. Despite the multitude of security services offered by MWEB, a number of MWEB Business subscribers' account details were compromised when their logon and password details were published on the Internet by hackers. Initial reports indicated that as many as 2,390 users of MWEB's business digital subscriber lines were affected. The company disclosed the security breach on October 25, 2010. It appears that hackers gained access to the Internet Solutions' selfservice management system that MWEB Business uses to provide and manage business accounts that have not yet been migrated to the MWEB network. Historically, MWEB Business was a reseller of Internet Solutions' Uncapped & Fixed IP ADSL services, which were provisioned and managed by MWEB using a Web-based management interface provided by Internet Solutions. All new Business ADSL services provided after April 2010, as well as the bulk of legacy services already migrated, used MWEB's internal authentication systems, which were completely unaffected by this incident. MWEB responded quickly to the hacking incident. According to Jansen, about 1,000 clients on the Internet Solutions network needed to be migrated from the old server which was attacked by hackers. Although the network was quickly secured, most customers had recently been moved to MWEB's IPC network. MWEB would also be contacting these customers to reset their passwords, as an added security measure. Jansen was quick to note that no personal information was lost and that none of MWEB's clients suffered any losses as their usernames and passwords had been recreated and changed. He further added that MWEB successfully repels 5,000 attacks a day.
Andre Joubert, general manager of MWEB Business, emphasized that only ADSL authentication usernames and passwords had been compromised. The integrity of the personal or private data related to the accounts remained intact, as did the access credentials for each customer's bundled onsite router. Joubert did acknowledge the seriousness of the hack, apologizing for any inconvenience the breach may have caused to MWEB's customers. As soon as the breach was identified, MWEB took immediate action to evaluate the extent of the breach and to limit any damage. In MWEB's defense, Jansen said that MWEB constantly advises its customers to be vigilant regarding their online data and security. In addition, MWEB was working closely with Internet Solutions to investigate the nature and source of the breach to ensure that it does not happen again.
Case Study Question
1. What technology issues led to the security breach at MWEB?
2. What is the possible business impact of this security breach for both MWEB and its customers?
3. If you were an MWEB customer, would you consider MWEB's response to the security breach to be acceptable? Why or why not?
4. What should MWEB do in the future to avoid similar incidents?