Issue 26.15
Recently I have had the opportunity to meet and talk with real “hackers”. These are people that not only understand how to use the internet and software, but concentrate on learning how to manipulate the web to get what they want and to look at anything they want – including your information. The fact that they can copy almost anything anywhere is a serious concern and led me to ask them how to protect ourselves from them.
This was in an informal and anonymous setting. I don’t know their names or where they live, but what they had to stay to me is quite important to you. They are mostly harmless because they are not trying to steal your pictures and genealogy, your personal history or your emails to family and friends, even your banking information and identity. But the fact that they can do these things is pretty scary and indicates that those who provide the pathways used should tighten up their security and their ability to track down anyone who misuses the web for those things.
I saw one of them demonstrate how he would “hack” into a nearby open wi-fi. It could have been a restaurant or internet café but the one he chose was a hotel. Once he was in their system, he used a program he had written to intercept “packets” or small segments of information that were travelling through the hotel’s system into the internet and back to the customer. He showed me sections that were the keystrokes being typed by various people in the hotel. He grabbed a picture that was being sent by someone to an email that he also identified.
I had been under the impression that the ability to do these things was limited to government and a few “rogue” individuals that were extremely talented and very rare. He indicated that, in his opinion, there were likely from 40 to 100 people in any given major city that could do what he did and that many of them were willing to share what they know (and the programs they use) with others for a price. He spent most of his time consulting with big companies for good pay helping them to avoid cyber-attacks and “hardening” their systems against attacks. He said he didn’t ever use his abilities to take information or programs from others and use it to enrich himself (except for commercial programs that he thought shouldn’t charge so much), but the fact that he could do those things if he wanted to (or was mad at you or needed some extra cash) was pretty concerning to me.
Here is what they recommended: First, never open a pop-up. Always go to the source site for updates.
* Never get on a public network. If you do, don’t ever do anything more than check the news and weather. If you log on to anything (email, bank account, you-tube, facebook, etc.) there is a chance that someone will be able to see your username and password and use it to get your personal information and perhaps steal your identity.
* If you need internet when you are away from your home or office, get a hotspot that only you have access to and don’t broadcast the SSID (Service Set Identifier) so that hackers can see it. They will simply create a copy of the SSID network you have and possibly confuse you into using theirs instead of your own. Many cell phones have the ability to be a hotspot and you can purchase an internet hotspot from most cellular carriers. This makes it unlikely that you will be hacked in this manner because you are less vulnerable and they want to work fast. (You don’t have to run faster than the bear, just faster than the guy next to you).
* Make sure your home and office have a firewall installed (which makes intrusion more difficult). If you are a public figure or have significant assets, spend the money to upgrade to a commercial firewall and other protective measures.
* Don’t share your passwords or make them obvious or simple. Change them regularly and keep them in a safe place so you can refer to them but they are not available to others – and always remember to back up anything on your computer that is important to you.
Shaun McCausland has worked in the computer industry for over 33 years, 26 years of it locally with Bits ‘N’ Bytes and Musicomp and currently does in-home and on-site computer consultation, service, training and repair. If you have questions you can reach him at 435-668-7118 or shaun@musicomp.net.