Our vulnerabilities to hackers

  • Stay safe: how to protect yourself online from hacking, espionage and money theft, was the topic of a presentation at the World Alternative Investment Summit Bermuda


A snapshot of how easily identity theft can be committed, and how other hacking, espionage and cyberthefts are perpetrated, was presented to delegates at the World Alternative Investment Summit Bermuda.

Security consultant Vitali Martiniouk, of KilSol, detailed many areas of vulnerability in the interconnected digital world and highlighted some famous scandals.

One example was the infamous “Busboy scam”, when a young restaurant worker in Brooklyn, New York, used a Forbes magazine list of the 200 richest people in the US as his starting point to collect personal and later confidential information about their lives, banking details, social security numbers and other pertinent details.

Using elaborate online social engineering that was initially based on public data, he then assumed the virtual identities of many billionaires to trick financial institutions into approving bogus requests for funds. When the authorities finally caught up with him in 2001, they were staggered by what he had achieved through his cybertechniques.

Speaking at the Wais conference at the Fairmont Southampton last week, Mr Martiniouk also mentioned how GPS spoofing had allowed University of Texas students to remotely take control of an $80 million yacht using a spoofing device the size of a suitcase.

In a similar way, fake transmitting towers for mobile phone networks can be positioned to intercept mobile phone communications.

And every mobile phone in the world is potentially vulnerable to hackers who access the SS7 system through any number of networks around the world.

SS7, or Signalling System No 7, is a universal system that connects one mobile network to another. It was developed in the 1970s and is the protocol system used worldwide. However, it was developed and accepted as the universal protocol long before the advent of cyberattacks and hacking. As such it has baked-in flaws and vulnerabilities that are beyond patching. A successful hacker, or spy agency, can listen in and record calls, read text messages and track the location of a targeted phone.

During his presentation at the Wais event, Mr Martiniouk gave tips on how delegates could better protect themselves from hacking and cybercrimes.

One way to protect a bank account is to have it locked so that activity such as withdrawals must be authorised by the bank manager. Mr Martiniouk said it was a good idea to have a bank book without an accompanying magnetic card or “tap-and-go” embedded card, in order to reduce the opportunities for fraud.

He also identified public wi-fi as a danger area easily exploited by hackers.

“Avoid connecting to banking sites over wi-fi,” he said. “And where possible use VPN over wi-fi.”

VPN, or virtual private network, allows individuals and companies to send and receive data across public networks as if they were directly connected to a secure private network.

Mr Martiniouk’s other tips included:

• Use a banking app rather than a browser for online banking.

• Open an account at a bank that provides two-factor authentication, such as needing to provide information from a hardware token during the login process.

• Where possible, make payments with cash rather than using a bank card.

• Encrypt e-mails.

• Use long passwords, ideally of 12 characters or more.

• Regularly update software on your phone and computer, and use full disk encryption on both.

• Have a back-up of your data stored elsewhere, which can be used to restore your computer or phone should you fall victim to a ransomware attack.

With mobile phones constantly updating your location in the world using GPS, it can be easy for a cybercriminal to deduce when you are away from your home on business or vacation, particularly if they have harvested other personal information from social media sites, such as your community connections, level of wealth and home location.

With that in mind, Mr Martiniouk cautioned delegates about the use of social media. He said: “Avoid having too much of your personal details online.”


Published Oct 17, 2017 at 8:00 am (Updated Oct 16, 2017 at 7:22 pm)
