Infamous Black Hat Hacker Reveals Insider Tips At PFK Cooper Parry's Cyber Security Seminar

Added by Love Business East Midlands | 30 November 2016

The visit to PKF Cooper Parry of former black hat hacker Ryan Ackroyd, the man who famously hacked the FBI, Sony and Fox, captured the imagination of business leaders from across the region, who turned out in force to get a personal insight into the true nature of cyber-crime and the need for investing in a secure IT system.

                                                       Vicky Playford, IT Solutions partner introducing the seminar

Ryan, who famously served a 10-month prison sentence for hacking Sony, Fox and the FBI in 2011, was one of a panel of experts at the Cyber Security seminar, which was hosted by the IT Solutions team at PKF Cooper Parry at their East Midlands Airport office.

Ryan was the founder and one of the six core members of hacking group ‘LulzSec’, which means laughing at security. LulzSec, an offshoot of notorious hacktivists ‘Anonymous’, was responsible for the penetration of multiple military and government domains in 2010 and 2011.

The group undertook many high-profile intrusions of companies including PBS, Sony, Fox Entertainment and the InfraGard Atlanta user database – a company affiliated with the FBI.

                                                      Ryan Ackroyd speaking at the event

Ryan now uses his insight and unusual expertise to help secure systems rather than break them. In a thought-provoking discussion, Ryan explained that his motive for hacking these systems was never about financial gain and stressed that he simply enjoyed the challenge of breaching these systems and was curious to see how it all worked.

He also admitted that it became quite addictive and that a group mentality formed amongst the other members of LulzSec, often making the hacks fun to be a part of.

Most alarmingly, Ryan revealed that for the most part, hacking prestigious companies like HB Gary and Sony was not particularly difficult:

“The techniques we used weren’t sophisticated at all. Attackers only need a basic knowledge and one device connected to the internet.”

“The ease in which LulzSec accessed the systems was really down to the faulty cyber security precautions which were in place.

“For instance, in the case of Sony, a lot of the user information was only stored as plain text and wasn’t encrypted, making it easy for LulzSec to access Sony’s customer information.”

Ryan also demonstrated just how easy it is to perform a simple hack knowing only someone’s mobile phone number. Using his computer, he accessed IT Solutions partner Victoria Playford’s phone book and sent her a text message posing as a contact stored in her phone.

Ryan was joined by university lecturer Dr David Day, National Crime Agency special officer working with the National Cybercrime Unit and Neil Richardson, an academic, consultant and chapter lead for the Open Web Application Security Project from Snake Trap.

Speaking about a recent cyber-attack which forced prominent websites such as Amazon, Twitter and Reddit offline, Dr David Day warned:

“This will not be the last time this happens – considering the rate that technology has grown and is continuing to grow, we are increasing the attack surface.

“You’ll be surprised to learn that 93% of cyber security breaches took minutes or less to perform, whilst 83% of them took weeks or more to discover.

“If a company’s security is breached, as well as the loss of intellectual property, businesses will suffer from a loss of kudos and ultimately a loss of clients, making this kind of attack tremendously detrimental.”

Neil Richardson performed another hacking demonstration, a ‘Script Kiddie hack, in which he used only a PC’s IP address to hack into the system from another computer, allowing him to create, replace and delete files.

Neil told guests that companies can have a fighting chance against cyber attackers by following some basic approaches: raising awareness amongst staff; undertaking regular auditing practices; staying on top of patch management; regularly backing up systems and ensuring anti-virus software is up-to-date; and hiring people to try and hack your system (with permission) – something referred to as ‘penetration testing’.

After being showed exactly what can go wrong and how it can happen, Nick Ross, an IT security specialist at security specialists SOPHOS, demonstrated how SOPHOS can help businesses prevent cyber-attacks.

Showcasing SOPHOS’ newest product, InterceptX, Nick explained that InterceptX currently has a 100% success rate in protecting users against ransomware by recognising and destroying the attacks before they have chance to damage or impair computer files.

Ransomware is a form of malware which encrypts files and essentially holds them at ransom until the owners sends over money to decrypt the files.

Also speaking at the event was ex-programmer Chris Tate from Datto, who work in partnership with PKF Cooper Parry IT Solutions. Chris, who has more than 30 years’ IT experience, introduced Datto’s Total Data protection platform.

Datto’s ability to restore a computer system following an IT disaster was demonstrated during a live disaster demo, which imitated a feasible, real-life situation.

Users can be guaranteed business continuity as Datto offers ransomware protection, disaster recovery service and Cloud-to-Cloud SaaS backup, ensuring that no matter what happens, businesses’ data and IT systems will be secure and instantly restorable at any time. 

Chris also explained that the Total Data protection platform also protected users from human errors as well as malicious activity.

Speaking about the Cyber Security Seminar, Victoria Playford, IT Partner at PKF Cooper Parry IT Solutions, said:

“It’s not often you get the chance to meet someone with the ability to break into cyber systems just for fun, so as you can imagine, we had a full house for the event, with people wanting to find out how Ryan managed to do what he did.

“A massive two thirds of businesses have been hit by cyber-crime over the past 12 months alone. Yet surprisingly, only 10% of those companies and organisations breached had a cyber security incident plan in place.

“Our other experts gave guests an insight into the dangers that cyber-crime poses to their business and some of the steps they should be taking to combat it.”

The IT Solutions team at PKF Cooper Parry, has enjoyed unparalleled growth over the past 12 months. Turnover has increased from £1.5m to £3.6m and is on target to hit the £6m mark by 2017, making it one of the fastest growing IT businesses in the Midlands.

< Back