Breaking into places and getting caught doesn’t usually land you a job, but that’s exactly what happened to UN hacker Matthew Beddoes, who last year was sentenced to three years for trying to digitally steal carbon credits from the United Nations. Released late last year however, he was in Liverpool yesterday showing North West businesses how they could be attacked by something as simple and cheap as a Raspberry Pi system.
The hacker, once known as Black Dragon and now operating his own security firm, Red Dragon, used the £30 home computer to hack into the smartphones of several attendees, highlighting basic security flaws in common software and offering ways they could shore up their businesses to protect themselves from similar intrusions at the workplace.
“All this code is free and publicly available,” said the Shropshire-born hacker. “Basically with some very cheap kit I could hack into every smartphone on a coffee shop wifi system where people might be looking at work emails, bank details or shopping online. I can see all that information and even plant code into their device that will send me all their access keys and passwords. Then I’d have full access to their network.”
Of course though Beddoes isn’t doing this out of the goodness of his heart, it’s a paying gig after all. The money behind the man in this instance is the Stack Group, which offers secure cloud infrastructure for enterprise clients. As Beddoes pointed out during his talk though, no platform is safe, especially if it operates wirelessly.
Stack’s big selling point however was its encryption, which it said prevented data from being destroyed or stolen by viruses and trojans, or at the very least, made it much harder for the nefarious individuals that might try and steal it.
Stack was also pleased to announce that despite having a month to play around with it, Beddoes was unable to hack into its WatchGuard XTM Firewall.
KitGuru Says: That’s a dangerous challenge to put out there Stack. As confident as you are in your system, you never want to pretend it’s unhackable. Someone will always find a way in.