Rise of the spousal hacker: is revenge hacking the next big threat?

Whether it's a scorned ex-lover or embittered ex-employee, the potential for revenge hacking is very real.

Revenge porn may be illegal in the UK, but what about revenge hacking?

People planning to get divorced should change their email addresses as soon as they have separated in order to prevent spouses hacking into their account and finding information which can be used against them, according to legal experts.

Nicola McInnes, head of family law at Gorvins Solicitors has issued a warning about the rise of the so-called spousal hackers, after an increasing number of clients have complained that their divorcing partner has broken into their email accounts and social media sites such as Facebook.

“It’s critical for anyone planning a divorce to change their email address and change all their social media passwords to stop their warring partner having access to sensitive information which could give them an advantage during divorce proceedings. We’ve found that hacking spouses are particularly keen to find any emails we may have sent which contain advice as to our client’s entitlement or because they believe their divorcing spouse is hiding income or assets. I had one case when we felt the husband was always a step ahead and my client was convinced that he had read emails we had exchanged,” she says.

“Facebook profiles are also targeted because they may contain information that can be referred to in court papers. Some clients have told me that their exes have even threatened to disclose the private photographs they`ve found on social media accounts as a way of getting what they want.”

Under the 1990 Computer Misuse Act, breaking into or “hacking” someone else’s email account can lead to criminal charges and if proven someone could face a two year prison sentence– even if it was a prank. Yet it has increased exponentially since the inception of the internet.
McInnes believes that the biggest vulnerability in these situations is that most people are reluctant to change passwords frequently. “ People are understandably resistant to or resentful of being forced into changing passwords and email accounts. Unfortunately the alternative is being placed in a vulnerable position at an already distressing time.”

In the business context, it’s increasingly important to remember that cyber security is not a bot problem, its a human problem. And most of the time it starts internally within the company. Whether you click on a suspicious link, visit an insecure website, or simply don’t update your password, more of the companies’ biggest threats are caused by employees than ever before.

Whether it’s a scorned ex-lover or embittered ex-employee, the potential for revenge hacking is very real. Businesses that practice a bring-your-own-device approach to IT, where employees can use their personal gadgets for work purposes, it’s important to ensure that when an employee leaves, they leave their work avatar behind.

Make sure administrative rights are removed and passwords are changed to avoid being an easy target to an unhappy former employee.

“It seems as though a day doesn’t go by without a cyber-attack or data breach making the headlines,” says Rob Norris, ‎VP head of enterprise and cyber security EMEIA at Fujitsu. He believes that with the frequency and extent of data breaches in the business world today, it’s vital that both consumers and organisations take a proactive approach when it comes to security.

“Organisations need to think about what data they need to protect and focus on the integration of threat intelligence and other information sources, to provide the context necessary to deal with today’s advanced cyber threats. They also need to be astute as to what third party organisations they work with and ensure they don’t pose a security threat, as hackers will look for back doors into an organisation through suppliers that might not have as tight security precautions,” he explains.

In addition to basic hygiene checks, like regularly changing passwords and at least skim reading terms and conditions for app downloads, Norris believes that consumers need to be made aware of the security risks when using payment information. “Consumers should consider two factor authentication alternatives where possible, so passwords are rndered useless on their own such as facial, voice, iris, palm and fingerprint biometrics for an additional layer of protection. In an era where data is becoming the new currency, all personal data needs to be properly protected. As the number of these threats continue to increase exponentially, no businesses nor consumer can afford for cyber-security not to be their number one priority.”

Praseeda Nair

Praseeda Nair

Praseeda was Editor for GrowthBusiness.co.uk from 2016 to 2018.

Related Topics