A former member of hacktivist group Anonymous has warned that big North Sea firms are “probably already victims” of a data hack.
Reformed hacker Mike Jones said at an Aberdeen tech event last night there is “always a way in” to the administration network of big firms.
But the once infamous internet cipher added that, for oil and gas companies, taking precautions and educating staff was essential to preventing a larger critical breach.
Speaking at Robert Gordon University (RGU), Mr Jones warned that hacker groups can be inside a company’s system for over two years undetected, and once discovered “it will take over six months” to fully get rid of the damage.
He said: “A hacker is always going to get in some way; it might not be today it might not be tomorrow, but they will.
“The faster a company can stay on top of new vulnerabilities and educate the longer you can put that inevitability off.
“A lot of the networks are compromised by employees clicking on bad emails, or using compromised USB sticks.
“You can stay on top of technology, but if you have no education programme so people understand how their behaviours on the company network can affect the organisation, then you’re wasting your time. It’s going to happen.”
Mr Jones, who went by the moniker ‘sting3r’, is also a former US military intelligence expert and Iraq War veteran.
Based in Houston, he claims to have developed ‘exploit’ techniques to help companies protect themselves through greater understanding of the specific threats they face.
Asked whether internet hackers were likely already into the network of big firms like BP and Shell, Mr Jones said: “It’s possible. I’m sure there are machines within those companies that have been compromised.
“But it doesn’t mean there are fingers behind the keyboard on the other end, but it does mean that backdoor is there for the next person who comes along.”