Cyberstrike by James Barrington (best memoirs of all time TXT) 📕
Read free book «Cyberstrike by James Barrington (best memoirs of all time TXT) 📕» - read online or download for free at americanlibrarybooks.com
- Author: James Barrington
Read book online «Cyberstrike by James Barrington (best memoirs of all time TXT) 📕». Author - James Barrington
‘At the same time we checked his user credentials and permissions. We assumed he was just bored or nosy, but when we found out he was incommunicado in hospital we knew we had a third-party intrusion. We recorded the inputs he was using for a few more minutes, and then locked him out. We blocked the user’s log-in credentials and his password, and as far as we were concerned that was the end of the matter, at least in terms of the breach. We reported it up the line because that’s our standard operating procedure and wrote it up.’
‘So how did your unknown hacker get this man’s credentials?’ Morgan asked.
‘We don’t know, and obviously we’ll be interviewing Simons when he gets back. We’ve already done a thorough check of his computer terminal and working space, just in case he was stupid enough to write his password down on a post-it note and stick it on his monitor or in a drawer or somewhere, but we didn’t find anything like that. We have rules against that kind of thing, obviously, but you’d be amazed how many otherwise sensible and intelligent people think that for some reason those rules don’t apply to them.’
‘So I suppose you’ll be looking at social engineering, something like that?’
‘That’ll be one of our first questions when Simons gets back. Again, it’s staggering how many people will answer the phone, and if the bloke at the other end tells them he’s from technical support and sounds convincing enough they’ll tell him their password or PIN or almost anything else. I’ve talked to a few people who’ve told me they never gave away their entire PIN and have then admitted there was a problem on the line and when the caller asked for the first and third digits he apparently didn’t hear them and then asked for their second and fourth characters, which they cheerfully gave him. It’s just incredible how stupid some people are.’
Morgan nodded.
‘Sometimes it’s not simple stupidity, just that the person doing the social engineering is really good at it. I was involved in bank security in a former life and I remember dealing with one woman, a shop manager so presumably reasonably bright, who’d been contacted by somebody pretending to be from the local branch of her bank. He told her there was a major problem with her account and her credit card and said the matter was so serious and so urgent that they would send a courier round immediately to take her credit card and arrange for a replacement. They also asked her to write down all her personal details – not just her name and address but also her credit card PIN and the numbers of all her bank accounts and the numbers and PINs of all her other credit and debit cards – and give all that information, with the card, to the courier. Twenty minutes later a scruffy man wearing jeans and a leather jacket and riding a battered old motorbike turned up at her door. She handed everything over to him and it was only when he rode away that she even started to have any doubts. They took her for five or six grand, if I remember correctly. And, as I said, she was an intelligent woman, but the caller was so convincing on the phone that she believed the whole story. They’re really clever, these people.’
‘I know,’ Foster agreed. ‘I think that’s probably the most likely explanation for the misuse of Simons’s log-in details, and obviously we will find out what happened in this case. But we have blocked his account, so we won’t see anybody else coming in that way, and he didn’t have anything like the access he would need to set up a backdoor or create a superuser account, so we’re happy that the system wasn’t compromised.’
‘Good,’ Morgan said, standing up ready to leave, ‘but keep your eyes on it. This could be just the start. Npower had an attempted hack as well over the last few days, and the last thing we want is for any of our utility providers to be compromised.’
‘Before you go,’ Foster said, ‘I’ve got a question for you. You told me your outfit, this C-TAC group, is full of anti-terrorism specialists.’
Morgan nodded and sat down again.
‘So I presume you’re not just interested in investigating cyberattacks?’
Morgan nodded again.
‘So let me ask you about the fairly obvious elephant that may or may not be standing in the corner of the room.’
Morgan already had a good idea where this particular conversational thread was likely to be heading.
‘Did you hear about the gas leak that wasn’t in the Palace of Westminster? Or about a collision on the Thames between a police launch and a cabin cruiser?’ Foster asked. ‘There were a few social media posts about it last night and this morning and even a couple of not very clear pictures. Do either of those events have anything to do with the cyberattacks on the utility companies?’
‘Those are good questions,’ Morgan replied, then paused. ‘Before I say something I shouldn’t, I presume you were vetted before you took up this post, so what security clearance do
Comments (0)