skip to Main Content

Thinking inside the box

0845 602 7006 | 0117 322 6163

Confessions of a hacker!

Are you part of a business that stores much of its information in the Cloud? If so, you are not alone. We are positively encouraged to do away with much of our paper documents and keep everything safely stored in the Cloud where no one can access it except those who are authorised to do so. But ask yourself the question – how safe are my documents stored in this mythical Cloud? The Cloud refers to servers accessed over the Internet and the software and databases that run on those servers. Cloud servers are located in data centres all over the world – including some parts of the world which you may not think of as particularly safe!

For a skilled hacker, a major company’s cloud system is a treasure trove – sensitive data, including millions of bank account logins, email addresses and Social Security numbers can be just a few clicks away. While the cloud provides unprecedented benefits to digital businesses, it can also leave customer and employee data vulnerable.

The Sunday Times recently went out to India where they investigated an industry which has expanded at a phenomenal rate. The use of the Indian underworld to break into email accounts and smartphones has become a practice that has been proliferating for years. British investigators have been able to commission “hack-for-hire” firms with little fear that they will be prosecuted for breaking the UK’s computer misuse laws.

An investigation by The Sunday Times and the Bureau of Investigative Journalism has uncovered a leaked database from one of the main “hack-for-hire” gangs. It shows the extent of illegal computer hacking in the City of London for corporate intelligence companies targeting British businesses, journalists and politicians.

But this gang is not the only one. Undercover reporters made contact with a series of Indian hackers who were secretly filmed speaking openly about their illicit work and their underground industry’s nefarious influence in Britain.

It is illegal to commission hacking from the UK, a crime punishable with a prison sentence of up to ten years. There are similar laws in India, where unlawfully accessing a computer carries a jail sentence of up to three years.

But the hackers had no fear of being found out. One laughed when asked if any Indian hacker had been caught. “Not even a single [one],” he said.

The newspaper article described a simple trick by one of the hackers who sent his victims phishing emails containing fake Facebook login pages in the hope that this will dupe them into surrendering their username and passwords.

He claims that he can produce a Facebook login page to “such a level of detail” that it is indistinguishable from the real thing. “Most of the time the target gives us their own password,” he said. “They think the site is legitimate and the site is not legitimate, and they give the password on their own. We are not a god, so we can’t predict the password. Always, they give.”

The hacker then passes the login details to the investigator client, which allows them to access the victim’s private information. Since many Apple and Google account logins often require only a single password, the investigator can swiftly seize everything the victim stores in the cloud.

Another hacker had a range of inventive methods to dupe victims into giving up their passwords or downloading malware on to their devices. If one of his UK targets had a medical problem, for example, he proposed creating “an exact lookalike” of the NHS website and telling them they needed to log in to order medication.

“I am going to clone the NHS [login page] for you and share the link with you. You will click on it, you will see that’s National Health Service,” he said.

He was confident that he would never be prosecuted for any of this illegal activity. “No one is trying,” he said when asked about the enforcement of computer misuse laws in India. “They are the police, they are not professional  IT people so they don’t understand these things.”

If you have documents that you don’t want to trust to the Cloud, remember that Filofile is a business that does understand how to store your paper files safely and away from any potential digital hackers. With your files stored safely in one of our climate controlled secure facilities that are monitored 24/7 you can be sure your documents will be in safe hands. We use a comprehensive barcode indexing technology to track your files which can be integrated seamlessly into any records management processes you have in place.

If you are still working remotely, Filofile is able to deliver documents straight to your home based office when necessary. Its cost effective service lets you store your documents in a state of the art facility that is secure, discreet and linked to Police and Fire services, as well as being ISO 9001 compliant, adding an extra layer of security as compared to storing your own records on-site or in a storage unit.

All your documents are securely filed and available when you need them. There is a next day delivery service for document retrieval as standard and an emergency service for those crucial moments when you need a record in a hurry. Give us a call today on 0845 6027006 or send us a message here to see how we may be able to help your organisation.

You can read the whole article about hacking here: https://www.thetimes.co.uk/article/caught-on-camera-confessions-of-the-hackers-for-hire-2hgn3kmnh

Back To Top