Breach brings to light several incidents of phishing, piracy and data theft whose trails find their roots in underground international networks. Full of riveting stories of hackers, police and corporates, Breach reads like a thriller.
Here is a captivating excerpt from this unputdownable book.
The evening before the journalist found himself plunged in this nightmare, the businessman stood at the window in his office in Mumbai, gazing at the evening sun and its last few minutes of orange shimmer before it set in the Arabian Sea. He was contemplating, among other things, the last few years of his business. It had been a particularly tough period for his company. What accentuated the pain was that the lean phase had come right on the heels of a few years of huge success. Like many other businesses in Mumbai, and around the world, his company too had entered a difficult phase with the 2008 collapse of Lehmann Brothers and the meltdown it had triggered in the global markets.
He walked back towards his seat. It was time to wrap up and leave for the day. Just as he was about to close his laptop, the mail icon lit up. The name of the journalist flashed in the notification box on the lower right corner of his screen as the sender of the new email in his inbox.
That was not unusual. He often got emails from a few journalists with whom he maintained open communication channels. He glanced at the subject—it said something about a new draft of a story. He presumed the journalist probably wanted him to answer some questions for his story. He was a tad irritated by journalists emailing him directly rather than going through his company’s corporate communications team. He was about to close it, but then those pesky email notifications were designed to pique curiosity, and he couldn’t resist clicking on it. He opened it.
The text of the email followed from the subject line. The journalist was writing some story and had attached a draft for his review. There was the attachment and precious little else in the email. That was a little odd, considering journalists like this one usually wrote long emails, building the context to their story. But then, he knew this journalist often worked on tight deadlines. In his hurry, he may have forgotten to type in the introductory details, he rationalized. He double-clicked on the attachment.
Nothing happened. He clicked again. Nothing this time either. He minimized the email window to see if any file had opened up and was hidden behind the email window. There was nothing. His desktop wallpaper with the smiling faces of his family from their last vacation stared back at him.
What he obviously didn’t realize when he opened the attachment was that he had not clicked on a word document, as he had assumed, but on an executable file used typically to instal programmes in computers. The malware that was being executed had been disguised as a word document, and the moment he opened it he unwittingly triggered a domino chain of code that chugged along quietly in the background, installing programmes that would ultimately transmit information—in this case valuable business secrets—from his computer. These secrets would start getting transferred to a remote server. It was that simple.
The malware now installed on his system was powerful for the times. It could worm its way into his input devices and record key strokes, turn on the microphone and record conversations, collect saved passwords, search for files by keyword, take screenshots and upload and download all these to remote servers—dumpsites, as they are often referred to by computer nerds. The malware was so sophisticated that it could do pretty much everything a person sitting in front of the computer could, without giving itself away. There was nothing stopping it, except if the system itself was turned off.
But it took some time for the businessman to realize he had made a mistake by clicking on the link. It took time for him to realize that the con was in the code.
To read more of such crazy stories of cyber crime, grab your copy of Breach now!