YOUR entire identity could be stolen, sold and used for blackmail by hackers getting tips from China, an FBI adviser has revealed.
Medical records, IDs and bank details are just some of the “lucrative” pickings cyber highwayman are accessing.
GettyEvery person in the West has their hacked data up for sale on the dark web, FBI advisor Raluca Saceanu says[/caption]
The CEO of Smarttech247 will target valuable data and flog it for thousands on the dark web
Getty It comes after The Sun revealed Chinese hackers accessed Brits’ personal information[/caption]
Copycat hackers have been inspired by China and Russia, an expert says
Concerns over data protection soared this week after The Sun revealed Chinese hackers accessed 40 million Brit voters’ personal details.
Now, FBI and NCIS adviser Raluca Saceanu says she’s seen evidence state actors are sharing information with criminal groups on how cyber attacks are carried out.
Ms Saceanu, who founded cyber security firm Smarttech247, says the average Brit is now at serious risk.
She explained: “If cyber criminals have better access to the tactics, techniques and procedures used in these types of attacks, it increases the risk of both impersonation fraud and credential theft.”
Impersonation fraud sees cyber criminals use details like names and addresses to pose as someone to gain access to accounts.
Credential theft is when usernames and passwords are stolen to break into email or social media accounts.
From here, they can make money through blackmail or by using the account details to set up payment methods.
Shockingly, virtually “every person” in the West has had their data hacked and put up for sale on the dark web, Ms Saceanu says.
The cyber security expert added: “Your data, my data, everyone. It is a nine trillion dollar industry.
“A common misconception is that these are teenage hackers in a basement.
“The reality is that this is a criminal operation formed of a massive supply chain.”
Hackers can be financially or politically motivated and aim to get their hands on “valuable” data while conducting a cyber attack.
This can be used to construct sophisticated phishing campaigns to dupe unsuspecting victims.
Ms Saceanu said: “I go into Santander, steal 20,000 records, chances are I couldn’t do much with those.
“However you steal the context of the information, you get an email address of someone you know has an account there, and you get other personal details.
“I could craft a phishing campaign to say ‘Your Santander bank account has been on hold’, create a sense of urgency, ask them to pay a fee.”
This can see you unwittingly hand over your entire identity and could give hackers access to your computer or phone.
The cyber whizz says she’s seen £200 phishing kits for sale on the dark web, which help hackers create convincing emails with ChatGPT spin-off FraudGPT.
NO EASY HACK
How to protect yourself against hackers?
While online firms will try to protect your data, Brits should always remember that basic “cyber hygiene” goes along way.
Having strong passwords, multi-factor authentication on your email and social accounts can all help to keep you safe.
And keeping your software up to date and being wary of phishing attacks will also help.
IDs, passports, driving licenses, health and financial data, diagnostics and scans can then be stolen and sold online.
Incredibly, a single health record can sell for over £900 compared to just £8 for a bank account or credit card.
Behind attacks are anyone from independent hacktivists to state-backed actors funded by rogue states like China, Russia and Iran.
Such countries also run their own hacking operations to achieve geo-political ambitions, that pose a considerable threat to Britain.
The Electoral Commission admitted last August that “hostile actors” – which The Sun revealed to be China – had accessed data systems and email during the August 2021 attack.
Crooks from the Communist superstate stole the name and address of anyone in Great Britain who was registered to vote between 2014 and 2022.
They also pilfered the names of those registered as overseas voters during the same period, and the names and addresses of anyone registered in Northern Ireland in 2018.
Reference copies of the electoral registers were also seized in the attack which was only identified in October 2022, 16 months later.
Beijing ‘has made no secret’ of their desire to attack foreign politicians
Luke de Pulford boss of anti-China alliance IPAC group, said: “About a year ago the Belgian and French foreign ministries publicly confirmed China sponsored cyberattacks against our members.
“Other countries have done the same privately.
“Beijing has made no secret of their desire to attack foreign politicians who dare to stand up to them.”
They apologised for falling foul of the “complex cyber-attack”.
Ms Saceanu says politically-motivated attacks such as this are set to become more commonplace, with critical UK infrastructure such as the grid, water, public transport and healthcare all targets.
She said: “In 2015, Ukraine experienced a similar attack – believed to be backed by a foreign state – it caused a massive power outage and impacted about 230,000 people.
“The UK hasn’t faced an incident of this magnitude before but the possibility remains a concern, particularly given the international tensions.”
An attack could ransack the personal data of millions in the process.
AI – quickly growing in sophistication and capability – may also be used to speed up cyber attacks, analyse vast amounts of data and identify vulnerabilities at terrifying speed.
Ms Saceanu added: “There are about 43 billion cyber attacks happening constantly.
“The human is vulnerable. The machine is vulnerable. They are going to leverage these two vulnerabilities to crack a terror attack.”
Chinese hackers access 40 MILLION Brit voters’ details
By HARRY COLE
CHINESE hackers struck at the heart of British democracy and accessed 40 million voters’ personal details, The Sun can reveal.
Britain will officially finger China for a 2021 cyber attack on the Electoral Commission that oversees all UK elections.
The Communist superstate will be named and shamed in Parliament today – as the key players involved are slapped with hefty sanctions.
Deputy Prime Minister Oliver Dowden will also warn dozens that politicians have been targeted by Chinese hackers.
Later the Foreign Office will add a number of Chinese suspects involved to an official blacklist.
It’s understood the United States government will also point to Beijing for a cyber attacks on America on Sunday.
On Saturday night Foreign Office sources played down suggestions they had “gone slow” on officially attributing the attack to China are months of Whitehall wrangling.
The Electoral Commission admitted last August that “hostile actors” had accessed their data systems and email – but today the Government will officially attribute China as the culprit.
They apologised for falling foul of the “complex cyber-attack” that was identified in October 2022, 16 months after the August 2021 strike.
Shaun McNally, the Electoral Commission Chief Executive, said last year: “We regret that sufficient protections were not in place to prevent this cyber-attack.”
He admitted: “As part of the attack, hostile actors were able to access reference copies of the electoral registers, held by the Commission for research purposes and to enable permissibility checks on political donations.
“The registers held at the time of the cyber-attack include the name and address of anyone in Great Britain who was registered to vote between 2014 and 2022, the names of those registered as overseas voters during the same period, and the names and addresses of anyone registered in Northern Ireland in 2018.
“We know which systems were accessible to the hostile actors, but are not able to know conclusively what files may or may not have been accessed.”
Published: [#item_custom_pubDate]
