fbpx

The inside story from a Cyber Hacker

Something strange happened to me last week.  All of a sudden my office answerphone started ringing. The answer machine would kick in and take a message and then it would start ringing again and take another message.  It went on for the best part of an hour before I finally got fed up and pulled the power from the back of the telephone. 

Having stopped the problem at source I decided to go back and listen to some of the messages. Each one said they had just had a missed call from my number and wanted to know what it was all about.  Well I knew for certain that I hadn’t called anyone, so I decided to get in touch with my telecoms provider. 

Of course you can’t speak directly to a human anymore. I was offered the chance to join an online ‘chat’.

So it was that I found myself typing my problem in from my mobile phone to a chat line.  To be honest I wasn’t quite sure whether there was a real person at the end of the chat or maybe a pre-programmed AI bot.  It soon became clear that neither the human, nor the AI bot, had any idea what I was on about, so they decided to send out an engineer.

Hurray a real person!!  It took a few days but when he arrived it took only a couple of minutes for him to confirm there was nothing wrong with my line.  I hadn’t made any nuisance calls and there sadly was very little he could suggest.  He had heard of something similar happening to a few other clients, but he only worked with copper wires and fibre cables and my problem was out of his expertise. I wasn’t surprised because I think I already had the answer to my problem.

Thank goodness I found myself hosting The Swansea City- City Business Network (CBN) event entitled ‘Defend & Attack’. The special guest was Greg van der Gaast described as ‘infamous hacker, turned undercover FBI operative’.  The room was full of people who were either Cyber Security specialists or businesses from the area who needed to know how to protect themselves.

It was in the ‘meet and greet’ early stages of the event that I mentioned my mystery ringing telephone to a small group gathered around the coffee and pastries.  ‘You’ve been cloned Mal’. My response was what, how when???

As Tom Jones would say ‘It’s not unusual’.  The problem seems to be the meeting of old technology with new.  As the digital revolution moves on, literally at light speed, it still has to interact with copper wires. Apparently, because of this some unscrupulous people can ‘clone’ your landline number and then make calls for whatever reason using that clone.

But why?  Well when their phone rings people will see a number that looks local or normal and will be more tempted to answer.

I can understand their reasoning.  If I see a number I don’t recognise from an area where I don’t have connections I tend not to answer hat call.  For the ‘cold calling company’ trying to sell or con people my number might just persuade unsuspecting punters to answer rather than reject straight away.

 

As the morning went on it soon became clear that this meeting of old and new technology has been a problem for some time. When Greg van der Gaast was a teenager getting his first computer the digital world was like the Old Wild West.  And just like in the Old Wild West the naïve tenderfoot dreamers had heard of the open spaces that the internet would provide but had no idea of the potential dangers awaiting them.  Bushwhackers, snake oil sales men, con men and outlaws. They had left the safety of a world they understood with rules and poling and they were on their own.

A lot of the early hackers were just kids trying to show how clever they were. Greg told stories of people buying the gear, logging on to a shared web group only to see some hacker on the site slowly download or destroy the unsuspecting newbies hard drive. The trouble was a little bit of knowledge was a dangerous thing.

It was against this background that Greg found himself hacking into a Nuclear Weapons Facility in India.  In no time at all he had downloaded emails and plans and found himself being hunted by the FBI.

In stead of going to prison the FBI made Greg an offer he couldn’t refuse and so began a career working to stop the bad guys.

The problem is that computers, coding, networks and hackers al seems a bit like magic to many leaders of businesses who probably grew up with pen and paper and have slowly transitioned to computers probably against their will.

The systems that many companies use have evolved over time building on previous systems. Even if the latest development is state of the art, if its bolted on to some old system that is vulnerable to attack then all of the Cyber Security in the world can’t stop the clever hacker.

Greg shared the story of an airport that had the very latest security for its network.  When he audited the facility he noted that there might be a problem in baggage handling.  Because an airport needs to get the bags to the right plane on time they were worried about mechanical failure for the motors of the conveyor belts. The company that fitted the motors had installed devices that monitored the motors to give early warning to mechanical failure which they could then replace before they actually broke.  The problem was all of these devices were connected to the Airport network and nobody in the Cyber Security team really knew.

From what Greg and the other delegates said it appeared that any system or network is only as strong as its weakest link. Instead of trying to fix the problem by buying more Firewalls and more gear sometimes going back and looking at your whole system might be a better way to go forward.  It might take time and money but starting again could mean you save money in the long term rather than trying to add security to an older leaky system

I suppose as a new generation starts to take over the world, a generation that is tech savvy and aware of some of these risks, then maybe businesses will be better equipped.  Having said that if the business owners are more tech savvy so are the bad guys.  In the old days a hacker was a kid in a bedroom looking for fun.  Nowadays Greg says that the ‘Dark Web’ is more like Google or Amazon where you can go and get all the tools you need to become a hacker for a monthly subscription.

I came away a little alarmed but determined to have a little look at how I use the internet. Maybe you should too?

Leave a Comment

Your email address will not be published. Required fields are marked *