The Russians are coming. They might not be knocking down our doors, but cyber hackers are already invading our computers. And I can vouch for the disruption they are causing. My personal computer has been crippled by ‘attacks from Russia,’ as they have tried to hijack my email account.
It has been a harrowing experience because my computer is like an extra limb – and essential for my work.
As a victim of the Kremlin’s red army of online fraudsters, I can no longer send or receive emails. Worse still, I am worried the Russians could be watching my every move – with KGB-style online eavesdropping.
Advice: Expert Colin Tankard helps Toby Walne tighten up the security on his computer system following the attack
Quite why I have been targeted I cannot say. Journalist I may be, but my emails are full of tips on bleeding radiators to keep heating bills down – not the codes to Britain’s nuclear arsenal.
It has left me feeling not only violated, but also paranoid. At any moment, they could plunder my computer files and demand money in a blackmail ‘ransomware’ attack – or by stealing enough data, even empty my bank account.
The trigger for the attacks on my machine remains unknown, but may have been a result of me downloading ‘Bad Rabbit’ software – malware – when I pressed a button thinking I was updating software. Such malware ransacks your computer of information and appears to originate from Russia.
Then again, perhaps the Kremlin found my details on the dark web – where it appears my personal information and passwords had been leaked, following hacks into services I have used in the past.
Or maybe I had been targeted following a warning article written in The Mail on Sunday in March about ‘Putin’s hackers’.
Frightening though the experience has been, at least I am now aware what is going on and can take action. And according to cyber experts, I am not alone. The Russians are targeting thousands – maybe millions – of people’s computers in order to disrupt Western economies following the invasion of Ukraine.
This is not just revenge for sanctions – creating disruption and panic for computer users – but to swindle us out of our money.
My encounter with Russian cyber hackers began last month when the email account I use on my personal computer kept crashing.
I rang my internet service provider Easyspace. It said it had noted ‘numerous’ attempts to hack into my email account from a Russian internet protocol (IP) address. This resulted in it freezing my account.
After I contacted Easyspace, it lifted its ‘suspension order’ on my account – only for the account to crash again a couple of days later. Again, Easyspace confirmed the ‘Russian state’ was responsible for trying to get into my account.
The Easyspace service costs £30 a year and did its job well. It said: ‘Using a proactive email hosting company with your domain enables swift action to be taken on your behalf if there are security issues, including attempts to log in to your account in attacks from Russia.’ But my Apple ‘Mail’ account – which enables me to read my emails – no longer opened on my computer.
Also, my ageing 12-year-old Mac was not downloading the latest security updates required to combat a surge in attacks. Cyber security expert Colin Tankard understood what I was going through. He said I should be grateful that Easyspace was up to the task and halted the Russian cyber hackers.
He said that for Easyspace to suspend my account, there must have been at least a dozen attempts to get into my emails with various passwords used. He recommended that I visit website ‘Have I Been Pwned’ to see if there had been any online database breaches, leaks or hacks on accounts I used.
After tapping in my email address, I found 15 instances where my personal information may have ended up on the dark web, stolen from websites such as LinkedIn, LiveAuctioneers and MySpace.
Tankard, managing director of data security firm Digital Pathways, told me to take immediate action.
He said: ‘Change the Easyspace password straightaway because the attempts to log into your account show that criminals may be close to cracking the code.’
He added: ‘The new password does not have to be complex – try a visually memorable, but strange phrase. An example might be something like BeesPlayBanjos56.’
Russian hackers do not need to be super sleuths to crack into an email account or steal identity information – as the keys to unlock these are easily found on the dark web.
This is where websites not listed on mainstream search engines are illegally run and used by criminals to trade in stolen information.
Crooks can pay £10 for someone’s ‘fullz’ – cyber slang for a person’s full identity details. It includes not just a person’s name, address and date of birth, but log-in details for services plus passwords.
Tankard warned that now the Russians may have my personal details, I am more likely to be reeled into a scam designed to steal my money – known as phishing.
Tankard advised: ‘You need to be far more careful. Do not open unsolicited email attachments. Visit the website virustotal.com. It can tell you if any viruses have been detected on files that have been sent to you.’
The security expert then shook his head in disbelief when I showed him my external hard drive – a box used for storing data in case something goes wrong with my computer. This £45 device was as much use as a chocolate teapot as it stopped working a couple of years ago. Only now do I see the folly of not getting it replaced. After a stern telling-off, I promised to buy a new one.
The Russians may be coming, but I am fighting back.