Dutch tech journalist and author Daniël Verlaan, who recently hacked the lights on Rotterdam’s Erasmus Bridge, has now crashed an online secret meeting of the European Ministers of Defence.
Verlaan popped in and people started laughing. The President of the Council, Spain’s Josep Borrell Fontelles, said “Somebody has gone into the system! Who are you?” The President made a crack to the meeting participants about ‘having to invest in secrecy’, which is spot on. Verlaan said hello, identified himself as a Dutch journalist, said sorry, and quickly left.
Before he left, he was told “You know that you have been jumping into a secret conference?” (sic) […] It’s a criminal offence!” said Fontelles.
How did Verlaan do it? Dutch Minister of Defence Ank Bijleveld had posted a picture on Twitter where five digits out of the six digits of the meeting login code was visible, and the last one was found ‘in just a few tries’. Apparently, there wasn’t any additional security, either.
The meeting was then stopped because it was no longer confidential. Cue a good rant about online security.
Tags: cybersecurity, Daniël Verlaan, European Union, meetings, passwords, secrecy
Two weeks ago Emerce reported that the major Dutch banks had streamlined their terms and conditions with regards to theft resulting from phishing.
The new terms and conditions, which will come into effect on 1 January 2014, set out five conditions phishing victims must meet to be able to claim damages from their bank. Customers must:
- Never give their passwords to anyone.
- Never let others use their bank card.
- Adequately protect the equipment they use for electronic banking (i.e. install virus scanners and so on).
- Regularly check their bank statements.
- Report incidents right away.
Financial news site Z24 believes that these new rules are bad news for bank customers—they will have to pay for the damages of phishing attacks themselves in a greater number of cases. The site quotes Jurgen Braspenning of Tilburg University who accuses some consumers of being lazy and careless. “It would seem that extremely unfair or dubious cases may still count on the kindness of banks in the future.”
A spokesperson for the Nederlandse Vereniging van Banken (Dutch association of banks) tries to downplay the effects of the new rules: “it is not our intention to make customers more often responsible for the costs and we don’t expect them to be.” According to Z24 the burden of proof is always with the bank.
See also: Dutch banks won’t employ anti-skimming hook.
Tags: banks, identity theft, money, passwords, phishing, Tilburg University