Hacker explains tricks of the trade

22:28, Jul 28 2013
Van Raymond
PHONE HACKER: With nothing but his smartphone, 19-year-old New Plymouth man Van Raymond says it is possible to 'hack' into another person’s phone or computer using open wi-fi internet networks like those at Puke Ariki.

It takes him seconds to hack his way in.

Before we even know what is going on he is watching us surf the internet, tracking our movements, and shutting our connections down at will.

Give him another minute and he would be opening our emails, accessing our Facebook page, sending our friends messages.

From there it would be up to him as to whether he simply wants to be an online nuisance or hijack the details, passwords and connections of our digital life for criminal gain.

Van Raymond, 19, can do this because he is a self-taught computer hacker. The New Plymouth man has shown us how easy it is to take over someone's computer because he is concerned at the vulnerability of citizens in our increasingly digitised society.

More than 50 per cent of New Zealanders now access the internet over smartphones and tablet computers, and the proportion is increasing rapidly. At the same time more and more cafes, libraries, airports and public areas are offering open wireless internet that anyone can connect to and start surfing the net.


It is in these open networks that Mr Raymond says hackers, often using nothing but a smartphone and a program they have downloaded from the internet, are able to filch your most personal details and escape without a trace.

They can then use that information themselves or sell it on to criminal gangs who may use it to steal your identity, allowing them to take out loans in your name they never intend to repay, rack up massive credit-card bills and even apply for passports.

Depending on what files you keep on your phone, you may also be vulnerable to blackmail.

And Mr Raymond says he knows of 8-year-olds who can hack into online devices.

"Obviously the younger they are, the more it is a joke to them."

Imagine what they will be able to do in 10 years' time, he says.

"At first I just did it for laughs.

"You can update status profiles and send messages. It can just cause some funny crap."

But he has seen other hackers cross a line he was not willing to go past and he now wants to educate people to the risks.

"It's funny when someone's profile picture and all their friends' profile pictures and all the images on the screen are changed to cats.

"It's not funny when someone gets home from work and their bank account has been drained."

The prospect of such a thing happening is all too real and is why banks recommend against accessing online bank accounts anywhere but in a secure location such as your home. Definitely not in public over an open wi-fi internet connection.

But Mr Raymond says even that won't keep you safe from cyber crime, which he has seen children commit on other children.

"What they do is hack into their Facebook pages, steal their bankcards and then message their parents telling them they have forgotten their pin number. By the time they realise anything has happened their money's all gone."

Chris Hails, of the government-supported cyber security initiative Netsafe, says Mr Raymond is right when he says some of those who have grown up with computers are increasingly adept at finding ways around any online security.

Technology appeals to them, Mr Hails says. "You tell them they can't do something and they want to know why, and they're going to find a way to do it."

The best way to avoid getting hacked while using public wi-fi is to simply not use it for anything you're not willing to share, he says.

"Imagine you're standing in a crowded marketplace and yelling everything out.

"You wouldn't yell out the password to your bank account or the intimate details of your relationship, so don't do it online."

Though the threat is real and police acknowledge cyber crime is increasing, Mr Hails says, as with home security, people's relative safety is often down to them.

Netsafe advocates using long, strong passwords, updated software, not accessing personal information on wi-fi networks and making sure all online activity is as secure as it can be.

"If your password is a dog's name, then good luck to you," he says.

It is also still common for people to use one password for multiple accounts, which leaves people open to a form of hacking called "daisy-chaining".

"Sometimes it will only take as much as logging into your email at the library to give a hacker access to whatever they like.

"What they do is they get that password and then they systematically go through that person's other accounts, their Facebook, Trade Me, trying that password."

Once they have access to your accounts, your privacy is gone.

They can find out everything about you. Live your life.

"And there's also reputational risks. They can read or send email from your account.

"They could send out confidential or defamatory material."

And while the hacker risk is there, Mr Hails acknowledges it is still relatively small, with a vast majority of cyber crime still originating from overseas; not the teenager sitting next to you in the library.

Taranaki Daily News