News Corporation ‘Hacked’ Sky Rival’s Smart Cards

The latest NewsCorp scandal finally involves some real hacking

NDS, a subsidiary of News Corporation, allegedly hacked and distributed smart card codes that led to the downfall of Sky’s main competitor ONdigital, according to evidence broadcast by BBC1’s Panorama programme yesterday.

The investigative show called it “the biggest Murdoch hacking scandal of all”, and adds accusations of real hacking to those of News Corp’s so-called phone hacking. NewsCorp is alleged to have paid to have ONdigital smart cards hacked and then run pirate sites which distributed those keys to undermine ONdigital’s revenue stream.

The House Of Ill Compute

The ONdigital pay-TV service operated on a digital terrestrial network from 1998, and went out of business in 2002, after rebranding as ITV Digital, having failed to sell enough subscriptions to digital TV content, despite offering free set-top boxes – and the popular recognition of the knitted monkey which starred with comedian Johnny Vegas in commercials.

Panorama interviewed Oliver Kommerling, the German hacker who was employed by NDS and Lee Gibling, who was the administrator of a pirate website under the control of the company. It also gained access to several e-mails which appear to confirm NewsCorp was indirectly involved in smart card hacking.

Just last year, News Corporation was under investigation after it emerged that News of the World journalists illegally accessed voicemails of several hundreds of people.

Smart cards in pay-TV work like keys. Get the right key, and it will unlock a set-top box, letting the user watch digital television. Encrypted information on the card is used to establish whether a user has an active subscription, and what channels he or she has access to.

Even though smart cards are designed with security in mind, they can be hacked. Once the code is broken, it can then be copied to other cards and sold, giving buyers free access to a digital TV networks. And that is exactly what NewsCorp is accused of.

Evidence suggests that NDS, a security company owned by NewsCorp that was making smart cards for Sky, employed hackers to break the codes contained in the cards of its rival, ONdigital. The card codes were later distributed by the pirate website “The House Of Ill Compute”, or THOIC, run by NDS.

The website administrator Lee Gibling first came to the attention of NewsCorp personnel when he successfully hacked Sky’s own smart card. Instead of prosecuting him, NDS allegedly hired him, and developed the website further. The company invested in computer equipment and paid Gibling up to £60,000 a year as a consultant.

Later, NDS hired the German hacker prodigy Oliver Kommerling. Kommerling specialised in smart cards, and had earned money through piracy before being approached by the company.

He was invited to work in an NDS laboratory, allegedly financed by NewsCorp. At first, Kommerling was working on improving Sky’s own card, but he soon switched to trying to break the code of its competitors.

Hacking the unhackable

Meanwhile, ONDdigital started to use smart cards manufactured by French Canal+, which were considered “unhackable”. They were no match for Kommerling. After he finished “analysing” the Canal+ product, the encryption codes somehow found their way onto the web. One of the major distributors of code was THOIC. This enabled pirates everywhere to manufacture counterfeit cards which gave free access to ONdigital’s network.

The widespread use of counterfeit cards was quoted as one of the reasons of ONdigital’s downfall. The company tried hard to fight piracy, introducing digital countermeasures and changing its codes, but it was to no avail. By the summer of 2001, ONdigital was in serious trouble. In search of a solution, it briefly reinvented itself as ITV Digital.

E-mails show that by that time, even the hacker community realised THOIC was actually working for Sky. The project was folded by NDS, and its equipment destroyed, but the damage to ITV Digital was already done. The company went under in 2002, costing more than £1 billion to its shareholders and leaving 1500 people out of work. Lee Gibling later left the country. He kept receiving payments from NDS up until 2008.

Experts agree that there were several reasons why ONdigital and its later iteration didn’t last. But piracy was a definite factor in its demise. NDS maintains that it used information provided by Lee Gibling to catch pirates and hackers, not to harm the competition.

According to the Guardian, News Corp’s lawyers, Allen & Overy, sought to derail yesterday’s Panorama in advance by sending round denials and legal threats to other media organisations. They said any forthcoming BBC allegations that NDS “has been involved in illegal activities designed to cause the collapse of a business rival” would be false and libellous, and demanded they not be repeated.

It is expected that Project Apple, the special team put together by Ofcom to investigate NewsCorp and BSkyB in the wake of the phone hacking scandal, will now look at the allegations and decide if the Murdoch family is “fit and proper” to run Britain’s biggest broadcaster.

How much do you know about microprocessors? Take our quiz!