The cracking of Vodafone Iceland’s website on Saturday is the most serious cyber attack Iceland has seen so far; security measures and telecommunications laws will be reviewed.
The Turkish computer hacker who cracked Vodafone’s website on Saturday had previously tried to crack the computer systems of another telecommunications company and a data centre in Iceland.
“It looks as if he was just testing doors,” Þorleifur Jónasson, head of the Icelandic Post and Telecom Administration told Vísir.
He didn’t comment on whether the cracker was successful breaking into other systems, only that it was obvious that in Vodofone’s case, he found something to steal.
“This is the first serious cyber attack in this country,” Þorleifur added, pointing out that CERT-ÍS, the Administration’s internet security unit, had often detected cracking of other websites but what made this case different was that the attacker managed to access delicate, personal information.
Þorleifur stressed the importance of encrypting data; information that is kept behind websites should be encrypted but, as reported, Vodafone Iceland failed to do that.
Hanna Birna Kristjánsdóttir, Minister of the Interior said it’s necessary to review internet security. She did however say that in this case, the responsibility lies with Vodafone Iceland.
Iceland has been pioneering in implementing electronic administration and some extremely personal information is kept as data with various state institutions.
Hanna Birna is concerned about the security measures in electronic administration. “People have to be able to trust that anything submitted there remains secured,” she told Vísir, adding that even though hacking can’t always be prevented, the data itself should be protected.
Leader of the Left-Green Movement, Katrín Jakobsdóttir, has requested that executives of Vodafone Iceland appear for the Transport and Communication Committee to discuss the data theft. She also requested representatives from the Post and Telecom Administration to be present.
“I asked for a meeting to go over things,” Katrín told Vísir. She added that Vodafone had broken the law by storing information longer than is allowed and therefore it’s only natural to look into the methods of supervisory authorities and discuss whether the law on information storage is efficient.
Around 100 people turned up at Vodafone’s law firm on Monday, requesting to see whether information about them were amongst those stolen from Vodafone’s website during the weekend. Not everybody were able to as a malfunction caused a delay and some had to wait up to 90 minutes.
Shares in Fjarskipti, the parent company of Vodafone Iceland, dropped by 12.1% in the Icelandic Stock Exchange as soon as markets opened on Monday morning.