Indian 'hack-for-hire' firms target VIPs, states: Report
London: The use of the Indian underworld to break into email accounts and smartphones has become a practice that has been proliferating for years. British investigators have been able to commission "hack-for-hire" firms with little fear that they will be prosecuted for breaking the UKs computer misuse laws, an investigation revealed.
The probe by the Bureau of Investigative Journalism revealed the contents of a leaked database from inside one of the major "hack-for-hire" gangs. It shows the extent of illegal computer hacking across London for corporate intelligence companies targeting British businesses, journalists and politicians.
But this gang is not the only one. The undercover reporters contacted a series of Indian hackers who were secretly filmed speaking openly about their illicit work and their underground industry's nefarious influence in Britain.
It is illegal to commission hacking from the UK, a crime punishable with a prison sentence of up to 10 years. There are similar laws in India, where unlawfully accessing a computer carries a jail sentence of up to three years.
But the hackers had no fear of being found out. One laughed when asked if any Indian hacker had been caught. "Not even a single (one)," he said.
In recent years there has been a trend for computer security firms to pretend to be training "white hat" hackers so their knowledge can be used to protect clients from online attacks. However, they are being readied for the dark side. There is plenty of money to be made from breaking into private email accounts, and plenty of clients willing to pay.
This is how the Indian hacking industry began. One of the industry's founding fathers was a firm called Appin, set up in Delhi more than a dozen years ago supposedly to train a new generation of "ethical" hackers who could help safeguard individuals and businesses from cyberattacks.
However, the firm, now defunct, is alleged to have secretly established a lucrative side-line taking cash from clients around the world to hack individuals. These clients are said to have included corporate intelligence companies based in Britain, the investigation revealed.
India was a particularly attractive proposition for the investigators. It was not just that India's enforcement of computer misuse rules was light touch; the commissioning of crimes in a faraway country with a different jurisdiction greatly reduced the risk that the investigators would be caught or prosecuted.