Expert hacker gives Jersey top security tips

Friday 30 June 2017

Cal Leeming, the UK's youngest hacker turned cyber security advisor, has described how as a top finance centre, Jersey is a particular target for cyber-crime.

The 29-year-old founder CEO of Lyons Leeming, a private cyber security firm, was in Jersey on Thursday as a keynote speaker at the 2nd annual CyberCrime forum organised by JIBS.

Mr Leeming's presentation, called 'Inside the mind of a hacker', gave attendees an insight into "what the bad guys are trying to do" explained Frank De Mita, director of Global Outreach and Development at Jersey International Business School and Chairman of the Forum. 

The UK youngest 'black hat' hacker explained that he has always been fascinated by technology which led him to his first hacking attempts when he was only 10. He was first caught at the age of 12 and jailed for five months at the age of 18. If it hadn't been for the help of Clive Read, the police officer who arrested him, Mr Leeming says his life would have been different. "He helped me turn my life around and put me in front of the businesses I had hacked. He gave references for my first jobs. He pretty much saved me."

The cyber security expert who advises public figures and high net worth individuals explained that one of the first steps to take when it comes to cyber security is to think about the "impact and value of personal data to yourself and to an attacker." "They might not mean anything to you but could be worth millions to someone else," he added citing the example of David Beckham, who was targeted by hackers who asked for £1.5 million so that emails he sent to his PR wouldn't be released. 

Video: The young hacker demonstrated how an alarm system could be hacked in mere seconds.

After demonstrating how quickly security systems can be hacked - it took him under 30 seconds to hack an alarm set up by one of the attendees, Mr Leeming took part in a Q&A session. He was asked if Jersey was under threat and replied that, "as a finance-based jurisdiction, Jersey has a lot of different risks to consider. A hedgefund can be taken out in five seconds. You can get your head sliced off in a split second. And it has already happened, you just haven't seen it. If you are in wealth management, you can fall victim to kidnapping and extortion."

The former hacker, who says he started after meeting a group of "like-minded individuals without any adult supervision, guidance or censorship", explained that parents should "restrict children's access to technology." "Let your child use your iPad for a whole day, just one day, and watch what happens. They go insane! It messes with their minds and screws up their sense of boundaries.

"Some children just want to consume and parents should supervise their access to technology. At the same time, you need to give them the ability to make mistakes and learn from them. They might see things they don't want to see but that is part of life. If you forbid the access to something, it becomes amazing and more appealing."

Pictured: A Panel discussion underway at the event.

Cal Leeming was then joined by David Ferbrache, Technical Director of Cyber Security at KPMG and former Head of Cyber & Space at the Ministry of Defence, for a panel discussion on cybersecurity in financial services. Mr Ferbrache said: "If you monetise things, you are going to get hit. It you are not prepared to deal with ransomware, there is negligence. Businesses should think through the scenarios and prepare for what might happen."