Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

BT faces writ over hackers

Charles Arthur
Thursday 26 October 1995 00:02 GMT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

CHARLES ARTHUR

Technology Correspondent

The London branch of the advertising agency J Walter Thompson is considering suing British Telecom, after phone hackers exploited flaws in a switchboard sold by BT to make pounds 60,000 worth of free calls in four days.

Managers at the agency also say they may club together in any lawsuit against BT with other companies whose switchboards have been broken into by hackers.

"BT failed to support us to the level that they should. They didn't provide the means or the training to protect us against this fraud," said Alison Sanderson, commercial director at JWT's London office. Janet McMillan, the company's technical director, added: "The features that the hackers used to get through our system are the same ones that BT put forward as a selling point."

Earlier this month, the Independent revealed that phone hackers have for years used well-known flaws in the voicemail systems of the Meridian switchboard to make calls lasting hours, directed all over the world. They dial into the company after hours, often on freephone lines, and reprogramme unanswered extensions remotely to dial external numbers. The calls are thus charged to the switchboard's owner.

BT has sold more than 50,000 Meridian systems in the UK since 1991, but only began to realise the extent of the hackers' activities late last year. In January, an internal BT memo told staff "not [to] discuss the various means by which fraud can be made - this will only serve to alarm the customer further". Ms McMillan discovered in May that criminal hackers based in New York were dialling through JWT's Meridian switchboard to make calls. They reprogrammed extensions to dial numbers in China, Yemen and Syria.

JWT was an essential link in the hackers' chain because they were making the calls using telephone card numbers stolen from the phone company AT&T. These do not allow direct calls to developing countries. "They needed to dial through another exchange to get out, and we were the intermediate," said Ms McMillan. "The calls lasted hours. It's big business, a multi- million pound fraud, not some teenager in an anorak sitting in his bedroom."

Ms McMillan disabled the facilities which made the hacking possible. But she said that reduces the usefulness of the switchboard: "It's just like a big, expensive answering machine."

Anecdotal evidence suggests that phone hacking is growing rapidly in Britain, and probably costs British businesses millions of pounds annually. At least three British-based companies have lodged complaints with the telecommunications regulator, Oftel, about their treatment by BT.

The Independent has also learnt of a number of other victims of such hacking, including a school and a hospital, which hackers used to make pounds 40,000 of fraudulent calls in one week.

In January, BT sent a four-page security warning specifically to Meridian owners, which it said "covers the main vulnerable areas and how to guard against hackers". But Ms McMillan said: "It was next to useless - it told you to restrict access, but not how."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in