A long-haired teenager sits in a hotel room pecking away at his computer. Just another geek? Yes, but a dangerous one. He is hacking the terminals of the Federal Bureau of Investigation. This is only the first step. He will then use the terminals to hack into the power grid and shut down the whole country remotely. He will take over telecommunications and transport, the airport and the financial institutions. This is part of a major plan to take over the whole country remotely.

Science fiction? Not at all. Hacking and its potential to cause harm is a frightening reality today. And it is not just about computers. Whatever device we use — from cellphones to remote-controlled microwaves to credit cards and intelligent cars — everything controlled wirelessly can be hacked into. Indeed, for every secure and encrypted device there is a way to get around it. This jarring truth was brought home to those watching a recent episode of Homeland, the award winning TV serial, where the vice-president of US is killed by terrorists hacking into his pacemaker.

In recent months, the most severe attacks have been on credit cards and financial institutions. A new malware called Dexter has been unleashed to grab and transmit any credit card data that come into retailing machines. It is highly intelligent and communicates directly with the command and control server manned by a thief.

Anju Das (name changed) was at a shopping mall with her family. A young man wearing a cap with the monogram of a well-known mobile service provider approached her. Smiling, he told her that they were running a promotion and if she used her debit card to swipe a nominal amount of Rs 50 she would be eligible for a free recharge of Rs 250. Anju agreed and swiped her card.

Shankar Mondal (name changed), another shopper, wanted to avail of the service too. The two went home content. After a few days both found that huge amounts had been withdrawn from their bank accounts. Neither had received SMS alerts for their card transactions as they had changed their SIM cards on their mobile phone, typical of many prepaid users.

It took the cyber police nearly a year to track down a gang which included two web designers and which had skimmed off about Rs 5 crore from unsuspecting credit and debit cardholders across the country. They had sophisticated electronic equipment such as ATM data skimming machines, electronic magnetic writers, card printers and ATM pin pad skimmer machines.

Last month Mukesh Mathur, an employee of Union Bank of India, found that his debit card had been used multiple times to rob him of Rs 45,000. He insisted that he had never used his card online other than paying bills on secured sites. In another incident, Parag Vidhyarthi, a businessman, found his credit card was used on an online shopping store. The bill totalled Rs 42,049.

Credit card cloning, or “skimming” as it is sometimes called, is a technique whereby someone obtains your credit card details, copies them onto a bogus card and begins using it. “A device with a scanning slot can be easily procured from shady shops or even ordered online. These devices come with software that can store information from about 3,000 cards. These made-in-China data readers are priced between Rs 30,000 and Rs 50,000,” says a hacker who goes by the code name T0xic Vap0r.

But it is not just credit cards. Jiten Jain, a Delhi-based cyber security analyst, recently met the sleuths of the Intelligence Bureau and handed them a document that lists cyber threats to the National PowerGrid, the nerve centre of power distribution in the country. According to Jain, all electrical grid systems in India are vulnerable to cyber attacks. “It’s a clear and present danger. Powergrid is, in my opinion, most vulnerable,” says Jain. Your smart car is susceptible to hacking too.

All cars these days have an onboard diagnostic system. Different parts of the car connect to it through a network. Hackers plug in to the diagnostic system’s computer port and inject a particularly vicious program called CarShark that can shut off the car’s lights, lock its doors, kill the engine and release or slam the brakes.

Frighteningly, medical devices are vulnerable too. The medical industry uses software-based devices such as insulin pumps, artificial pancreases, smart stents, pacemakers, ICDs and many others. All these can be hacked with laptops, high-gain antennas and simple software.

For example, hackers need only to obtain the serial number of a pacemaker to force it to deliver an 830-Volt shock directly to a person’s heart. In short, a hacker could kill a heart patient. Since these remote controlled devices need an entry point in the form of a wireless connection, one way to secure a patient is to hide the home’s Wi-Fi network and put up a very strong encryption. However, Jain says that cyber attacks on smart cars or pacemakers are still at a “theoretical level”. “Technically, these things are not yet possible and people who are propounding them are yet to show they can attack pacemakers or other medical devices in the real world,” he says.

As for smart cars, Jain says that since smart cars don’t constitute even 0.001 per cent in the world’s pool of cars, cyber enthusiasts are simply “drawing scenarios”.

Rishab Maskara, a Mumbai-based cyber enthusiast, feels that it is just a matter of time before hackers manage to break into and disable cars. “Cyber attacks on cars will become a reality when more and more people use such cars,” he says.

According to Maskara, mobile phones remain the biggest risk for cyber attacks. “People should avoid storing anything important on their smart phones,” he says.

Adds Abir Atarthy, an ethical hacker and chief mentor of Netsoft Technologies, an IT security training and consulting firm, “Most phones get hacked, thanks to the apps we install without knowing what kind of data these will access.” By taking control of a cellphone a hacker can listen to your calls, read your text messages, follow your Internet browsing activity and keystrokes and even pinpoint your geographical location, he says.

Users of Android phones are specially at risk. This is because an ordinary user does not know if an app is secure or not. They need to secure their phones by installing proper anti-virus software, says Atarthy, who has exposed vulnerabilities in the websites of NASA, Apple, Harvard University, Facebook and Forbes magazine.

And if you think you are safe just because you use an iPhone, think again. Last month Apple admitted that its Macs were hit by a malware. The company has released patches to protect iPad and iPhone users from such attacks.

“Getting hacked is like an accident. Whatever precautions you may take, you may still get run over by a car,” says Atarthy.

Not a very optimistic prognosis. But that is the nature of the beast called hacking.