While breaking into the voice mails of Prince William, actress Sienna Miller and model Elle Macpherson was enough of a scandal to cause British tabloid News of the World to shutter last summer, that probably wasn’t all the paper’s rogue reporters were up to. An elite service called Vigilante Bespoke—which bills itself as the world’s first “cyberbodyguard”—suspects the problem was much worse.
Vigilante Bespoke never presented evidence against News International—News of the World’s parent company—but it did help lawyers who were representing dozens of celebrities in the case, believing that not only were their phone messages listened to, but their e-mail accounts and laptops were also hacked—a growing problem in our increasingly networked age. As cybersecurity incidents have skyrocketed in the last five years, cyber crime has become one of the most profitable kinds of illegal activity in the world, approaching the global value of the drug trade. And when hackers are able to circumvent the security systems of major international corporations—such as hacker collective Anonymous, which accessed the networks of companies as large as Bank of America and as savvy as Stratfor, stealing thousands of documents and charging up to $700,000 on stolen credit cards—it becomes clear just how vulnerable the individual computer and smartphone user is.
In response, a handful of high-end protection companies have launched in recent years to provide a line of defense. Charging monthly retainer fees in the four-figure range, outfits like Vigilante Bespoke destroy viruses, transfer clients’ e-mail accounts to secure platforms and debug homes, cell phones and tablets. To be sure, Internet security giants like McAfee (which was acquired by Intel last year for $7.7 billion), Symantec and Barracuda Networks have long offered corporations the tools to protect business infrastructure, and there are dozens of smaller companies, like Total Defense and Lumension, selling personal antivirus software. But for the first time, there is a demand for individualized protection—a sort of cybersecurity concierge.
Oliver Crofton, 29, is one of three cofounders of Vigilante Bespoke. His business partner Rob Pope used to manage a team of 40 hackers at an “ethical hacking business,” testing corporations’ IT vulnerabilities. After Pope left that job, he was approached by a famous author whose book had been leaked online before the official publication date. Pope took a look at his computer and found that a hacker had installed a “keylogger” on it, allowing the criminal to monitor everything the writer typed. Pope fixed the problem and told the author he would be happy to check his friends’ computers as well. “Through the writer, we were introduced to a lot of celebrity clients,” says Crofton, and the company grew from there. After opening their headquarters in London in 2008, they had so much interest from the United States that they set up a Los Angeles outpost in 2010.
With a team of around 50 self-proclaimed nerds, Vigilante now caters to a mix of CEOs, entrepreneurs, celebrities and athletes whose personal information is at risk for cyber break-in. “At first,” Crofton notes, “it was mainly celebrities who were targeted.” Some have lost phones and found their friends’ contact information published on the Internet; others have had their private photographs posted online. A year and a half ago an actress, who has since become a Vigilante client, sent her malfunctioning laptop to a technical help desk, taking care to leave it under a pseudonym. Even so, she got a call from a tabloid letting her know that someone had tried to sell the paper her vacation photos—which had been stored on the broken computer.
But these days, says Crofton, “it’s bankers targeted for their bonuses. A story on a banker getting a million-pound bonus is tabloid front-page press.” Hackers are also after passwords to flush bank accounts and contact lists of well-to-do friends who might just respond to phishing e-mails. Gary Davis, director of worldwide consumer product marketing at McAfee, says it’s a problem that’s worsening. “High net–worth individuals have always been the targets of hackers and scammers,” he says. “But with more devices than ever before, they’re at even greater risk.”
Vigilante’s clients come to them with a catalog of cautionary tales. One, traveling for business, had a bug installed on his laptop when he connected to what he thought was his hotel’s wireless network. It turned out to be a decoy set up by a hacker. (Information security companies across the board advise extreme care when joining networks in public places. A hacker sitting nearby can easily join the same network and access their information.) Another case involved a client who thought, at first glance, that he had received an e-mail from a colleague. It read, “I just want you to scope out this project. Can you look at the attached document?” In fact, the sender’s e-mail address was off by a letter—instead of an “L,” there was an “I”—and the attachment turned out to be malicious spyware. In another instance, the company found that the closed-circuit security cameras at the home of a famous British soccer player were set up to broadcast his personal life across the Internet. A hacker could sit outside his house, pick up his IP address and see everything that the CCTV could. But, says Crofton, “ideally we become engaged before anything happens.”
Once clients sign on, Vigilante’s engineers do an audit of all their devices and rebuild everything from scratch. The cost varies based on the number of people, homes and devices involved. A family of four with houses in Monaco and Geneva, for example, would pay around $2,000 per month. “Our clients really want the security and privacy we offer, and they don’t want the hassle,” says Crofton.
McAfee’s Gary Davis predicts that the next hacker target will be mobile devices. “Smartphones and tablets are at even greater risk than PCs,” Davis says, since they have fewer security features and often allow access to an individual’s entire network. Just in the last quarter, there was a 76 percent increase in malware on Android devices alone.
So when choosing a security service, Davis recommends finding one that covers all platforms. “My advice is to look for breadth and depth,” he says. Vigilante Bespoke satisfies a particular niche for high net–worth individuals who want an added layer of comfort, but in Davis’s opinion, all-encompassing security software will usually do the trick.
“Consumer Internet security is a multibillion-dollar space,” says Davis, and indeed, recent statistics have valued it at $6 billion. “It’s a growth market, where hackers are trying to find new and innovative ways to ruin your life.”
Vigilante Bespoke services include transferring e-mail to secure platforms; testing for and eliminating viruses; setting up firewalls; and installing encryption and antivirus software. Monthly retainer fees start at $1,000; 44-845/299-7669; vigilantebespoke.com.
Fact: Cyber attacks on U.S. government agencies went from 5,503 in 2006 to 41,776 in 2010—a 659 percent increase.