The day after the first hack of United States adultery website Ashley Madison, a world-leading cyber security expert John McAfee was also breaking into the company’s security systems.
As someone who has spent his life battling so-called “black-hat hackers” – those who use their computer knowledge to breach security – and analysing cyber security breaches, McAfee’s purpose was to unravel the initial hackers’ crime.
In doing so, he revealed the key risk to companies: people are always the weakest link.
“There will always be the risk of someone betraying a company purposely or accidentally,” Texas-based McAfee says.
McAfee describes how he called the assistants of two executives at the company telling them he was part of the governmental investigation and their bosses were suspected of involvement in the hack.
Within moments, the assistants were handing over sensitive passwords without checking McAfee’s pretext, enabling him widespread access to information and systems. He has since propounded that the original crime was an inside job, but not involving the assistants and bosses he targeted.
“Social engineering is a means of using people to do the hacking for you, using knowledge of how people respond to stress, fear, greed and other factors,” McAfee explains.
Another danger to companies is smart devices, which hackers will increasingly target because they give easy access to central systems, he warns.
“Employees use them as work stations, for communication and remote access to systems, yet they are the most insecure devices in the world. They are architecturally designed to gather information about us,” McAfee says
Employee education was the best way to protect a company; a focus area in a speech he will deliver at a Lawtech summit on the Gold Coast in September.
The founder of global computer security software company McAfee Inc, which was sold to Intel in 2010, is now concentrating on a two-year-old company, Future Tense Central, that provides next generation personal and corporate security products.
Other companies are similarly developing products with algorithms that change passwords every second, meaning even if hackers gain access, the data they can download is minimal.
McAfee says the biggest beneficiaries of cases such as Ashley Madison are lawyers whose bank accounts would swell.
Those representing companies needed to prepare for the worst. Others must lock confidential records away from anything containing a “moving electron”.
McAfee sees a threat from the so-called “Internet of Things” in which everything from cars to fridges will be connected to the internet, a tremendous advantage to consumers but a huge hacking risk.
Fridges will be able to weigh the milk left in your carton and automatically place an order to replenish it. Televisions are already able to record our private conversations and yet they are hugely popular, he says.
“That’s how crazy we’ve become. We buy devices that we acknowledge listen to us, send that data to anyone they want, to do anything they want with it.”
Stronger privacy laws
McAfee has long been a proponent for stronger privacy laws to restrict the ability of governments and agencies to spy on their citizenry.
People who blindly download applications and agreed to allow access to their data also needed to take more responsibility for their lives.
“We think we have done something good for ourselves. We have not. We are about to learn that in a very drastic way.”
He said he regards the world as on a path to George Orwell’s 1984. Alternatively it could lead us to a world of total freedom, depending on how wise we are in our choices of accepting technology.
“Devices can intercept conversations within half a mile, insert software and take control of your device to listen to you 24 hours a day. That needs to be reversed.”
McAfee does not doubt his views keep him on the list of those who watch.