A couple of months ago information security specialists reported a hacking incident against London Metropolitan Police, whose Twitter account (with more than a million followers) was taken over by hackers to show a series of bizarre posts. The hackers also sent some emails from the Police Press Office.
After months of research, the authorities have arrested two teenagers (aged 18 and 19) from Scotland, accusing them of the hacking incident against official police communication platforms.
During this incident, which occurred last July, hackers took control of Scotland Yard’s Twitter account to post some tweets referring to British rapper Rhys Herbert, better known as Digga D. The artist was imprisoned in 2018 along with four gang members, accused of planning an attack on a rival gang member.
Always wrapped in controversy, US President Donald Trump took the opportunity to mock Sadiq Khan, mayor of London. “With your incompetent mayor, the streets of London will never be safe, he even lost control of his Twitter account,” Trump posted on the social network.
According to information security experts, the authorities were quick to rule out the possibility of a full attack on the police’s IT infrastructure. In fact, unauthorized access was made possible by a third-party service that automatically distributed content created by Scotland Yard staff to their website and Twitter profile.
Regarding the arrest of the two young men, a spokesman for the London Police said: “We have arrested two individuals, aged 18 and 19, in connection with unauthorized access and the publication of inappropriate content on the official communication platforms of the Metropolitan Police On Friday, July 19, 2019.” The spokesman concluded by mentioning that a report will be sent to the Crown Office and the Prosecutor Office.
Because it is still unknown exactly what crimes the two teens will be charged for, it is not possible to estimate what penalty they face.
Information security specialists from the International Institute of Cyber Security (IICS) say the British authorities have implemented updated security policies after this incident, as they believe it was too easy for the hackers to compromise access to their official accounts.