Express Tribune | The FPF computer system is “quite robust”, “but if the person types ‘amorzinho123!’ [as a password] we have a problem”


The computer system of the Portuguese Football Federation (FPF) is “quite resistant” to external attacks, such as the one allegedly carried out by Rui Pinto, the federation’s director of technology argued in the Football Leaks case.

“It is a very resistant system. We work with a set of internationally recognized partners and the email service that FPF uses is also used by the ‘500’ most important Forbes companies,” said Hugo Freitas, in the second part of the deposition at the Central Criminal Court of Lisbon, after being heard by the jury chaired by Margarida Alves on November 10.

However, the head of the FPF technology area highlighted in the 25th session of the trial that even the best computer systems are vulnerable to the “human factor” and cited as an example of vulnerability “one of the most used passwords” by users.

“The fundamental thing to understand about any type of attack is that it is rare that it has originated from a technological component. This means that the human factor is inseparable from security. I can create a system that requires a password with at least 12 characters and special characters, but if the person types ‘amorzinho123!’ we have a problem,” he said, in response to FPF’s lawyer, Pedro Barosa.

Hugo Freitas also revealed that “cyber attacks occur regularly” and that the integrity of the computer system was at stake when a user’s data was compromised “through phishing.” However, the FPF’s internal investigation of the access records, based on the information provided by the Judicial Police, did not fully identify the source of the attack.

During the Public Ministry investigation it was also found that the main defendant and creator of Football Leaks would be in possession of the passwords of the federation’s social media accounts, namely Twitter, Facebook and Instagram.

Today’s session also featured the testimony of former PLMJ lawyer Pedro Melo, by video call, who said he did not know that his mailbox had been the target of an alleged access by Rui Pinto at the end of 2018.

“I did not know and I even take the opportunity to ask if this access was carried out or not,” Pedro Melo asked, with the Public Ministry Prosecutor, Marta Viegas, answering only that the mailbox was not exfiltrated by the devices seized from Rui Pinto and that “it only indicates that there will be access.”

“I had no evidence of this access, it is the first time that they have given me this information. At that point, I asked them if they had accessed my computer and they didn’t know how to answer, I asked them a second time and they gave me the same answer. Then it occurred to me that my email box had not been accessed,” said the lawyer, adding that he had no information related to the Football Leaks or Luanda Leaks cases.

The next trial session is scheduled for Tuesday, following the hearing of Nélio Lucas, former CEO of the investment fund Doyen.

Rui Pinto, 32, is charged with a total of 90 crimes: 68 of improper access, 14 of violation of correspondence and six of illegitimate access, directed at entities such as Sporting, Doyen, the PLMJ law firm, the Portuguese Football Federation (FPF) and the Attorney General’s Office (PGR), and also with computer sabotage of the Sporting SAD and with attempted extortion. This last crime concerns Doyen and was also the one that led to the indictment of the lawyer Aníbal Pinto.

The creator of Football Leaks has been free since August 7, “due to his collaboration” with the Judicial Police (PJ) and his “critical sense”, but is, for security reasons, placed in the witness protection program at an undisclosed location and under police protection.
