HACKING – whats the story?
I’ve been asked a lot recently about hacking. Folks thinking they had been hacked. Worried about their data. Their computers. Their servers. Their websites….
so let me explain.
Hacking takes MANY forms. Often is not malicious. People just wondering ‘what does the computer at 192.xxx.yyy.zzz do??’. My own servers are attacked.
All. The. Time.
I see every day, every hour, people trying to log in. But – they dont make it.
Hacking personal accounts also happens all the time. Just had a customer tell me Google had alerted her that someone had tried to access her account.
And we ready about hacking in the news all the time! the DNC. Hillary’s server. Bank of America. Target.
So – whats going on? and what can YOU do about it?
Lets examine the kinds of hacking … and start with what hacking is.
Hacking is trying to access a system that you dont have access do. For many purposes.
In olden times (and yes I used to be one many years ago) it was just curiosity. Computers were NEW. I would locate a computer modem on a phone number in Boulder Colorado and I would wonder what was it up to!
And — I’ll hasten to add – there was nothing ILLEGAL about it. Back in the days of the Wargames film (I had a wargame dialer years before that I wrote myself btw!) it was NOT a crime.
That changed later and it became a Federal crime to attempt to access any computer that you were not authorized to be using. That was a real bummer for the curious folks who didn’t want to commit crimes!!
But more recently a lot of the innocence of those early days has morphed into darker and more nefarious purposes.
Many websites are hacked for the purpose of hijacking them or putting nasty pages up instead of the ‘correct’ pages. Just a few weeks ago the CIA’s OWN website was hacked.
These hacks are usually just annoyances and you have to restore the proper webpages from backups – and eat the embarassing ‘YOU got hacked!’ news stories!
After all THESE kinds of hacks are MEANT to be noticed. pretty much immediately. Its the point.
‘I hacked into the CIA’s website’ was no doubt a cry of triumph in certain circles. But it did no damage, and was just embarrassing. At least to the CIA!
And note – hacking the CIA’s website is NOT the same as hacking the CIA’s computers with all their secrets!
How were they able to get into the website? Well there are only 2 possibilities.
1) someone gave them a password.
2) they guessed a password via a brute force attack.
Case 1 – WHAT you say? someone GAVE them a password?
Happens all the time with a phishing email.
Say YOU get an email seeming to come from Paypal. Or Bank of America. Or the CIA Website.
‘Dear John Doe – we have noticed someone trying to log into your Account. We have restricted access until you verify your credentials.
Please log in immediately to restore full access to your account!’
This email LOOKS VERY OFFICIAL. and when you click on the link you see the Bank of America logo. Or the Paypal Logo. and you
enter your username and password and …….
…. you just gave your information to the phisher. Because HE has created a site looking JUST like Paypal or Bank of America – on HIS SERVER.
What can you do to defend yourself?
Its very simple. NEVER CLICK ON EMAIL LINKS. If you think its from paypal GO TO THE PAYPAL WEBSITE YOURSELF and log in.
Or go DIRECTLY TO THE BANK OF AMERICA SITE and log in. NEVER NEVER NEVER assume an email is valid.
Case 2 –
And as for the brute force attack? Its simply an automated process running on a computer in China that keeps trying passwords — until it guesses yours.
What do do? well as I said this happens on my server all the time (and on ALL servers ALL the time). I have a great tool called fail2ban – and it notices all attempts
to log into my server for whatever reason (email, file transfer etc etc)… and after 5 failed attempts within say one minute, that IP address gets banned for several hours – and
now any attempts to access my server are automatically blocked until the ban is lifted.
Now if you are trying to get passwords there may be tens of millions of possibilities. and if you can try them with no limitation you will eventually chew your way through enough to get to the password.
But if you can only try 5 per hour, then one million guesses would take — well 200,000 hours. I can live with that.
Any PROPERLY configured server must have such a setup as this. If YOU have a server then YOU need to see what yours does against a brute force attack. I can help if you dont know how to determine this.
Lets consider however some of the malicious attacks.
Some examples – hackers broke into Target’s central database. Why? well – they stole Target’s list of all their customers – together with all their credit card information. numbers, passwords, everything.
How did this happen? well, in a commercial database like this, there is also the possibility that a Target employee was in on the theft (disgruntled employees are often involved in hacks, corporate espionage and the like). And the damage done to Target was huge. And one thing that was instantly clear? Target is MASSIVELY LIABLE legally – because they did not encrypt the customer data!!!!
Had Target kept all the data in an encrypted form – then the hacker could have downloaded the database – but then spent many centuries trying to break into it!.
Their failure to keep the data encrypted is a MASSIVE error on their part. Punishment will be forthcoming…
MORAL — if YOU have customer data on YOUR server IT MUST BE ENCRYPTED!!! And all login pages must be HTTPS SECURE!!!
Lets look at some political hacks. the DNC for example. Hackers had access for about a YEAR before they were discovered. How did they get in? through one of the 2 methods above. A former employee gave them access either directly or through a phishing attack. Or they bruteforce guessed it. But — big difference between this and the CIA – the hackers did not immediately announce their presence and managed for a YEAR to log in, download info, and generally get anything that they wanted.
This is incompetence on a massive scale – on the part of the DNC. There would have been inexplicable downloads, logins at 2:42am from address in china and the like. You can be very clever (I was by the way) and you can eliminate traces of a visit. But accessing it for a year I simply cannot believe they should not have been discovered MUCH MUCH sooner!
How about Hillary’s server? She states that it was never hacked. That statement (sorry Hillary supporters) is simply nonsensical. A Skilled hacker could have gotten access – and them removed all traces of their visit by cleaning up the logs before leaving. An amateur hacker might well have left traces, but not someone who did not wish to be discovered! Thats what the FBI Directory said by the way – ‘we found no evidence – but would not have always expected to see evidence’
Its simply wishful thinking – nothing more or less. And from what I’ve seen of her IT ‘person’ – its EXTREMELY unlikely that the server was hardened against attacks (invoking process like fail2ban that I mention above). It seems he had nothing like the expertise required to properly protect a server particularly one with such sensitive information!
And I’ll note that Hillary’s server was only ‘discovered’ via a successful phisihing attack that ‘Guccifer’ (a Romanian hacker) did against Sid Blumenthal – a Hillary friend. He got into Sid’s emails then noticed the other emails that referred to her server – and then of course he would have wanted to get into THAT server!
That’s how these phishing attacks spread attackes – when you get into someones email account – you now see all the people they emailed – and often you find emails with ‘Sid, please change my password to xxxx’ and bingo. you are off to the races!!!
Now am I being overly critical of the DNC or Hillary? Not at all. I’m sure the RNC’s servers have also been the subject of attack. and Donald Trump? now THAT would be an interesting email address to get access to – would it not? (LOL).
But we are going on what we have heard and read, and it all does show fundamental careless that YOU can avoid by NOT responding to any email link – and by making sure YOUR server is hardened against attack.
The fundamental problem with the DNC – Sid – Hillary (if she was infact hacked) – is that folks are living in an illusion of Security. ‘My IT Person assures me ……(fill in the bs).’ or ‘It sure LOOKED like a Bank of America email’ MUCH MORE CARE IS WARRANTED FOLKS. BY ALL. DEMOCRATS – REPUBLICANS – AMERICANS ALL.
Now not all attacks are done against servers. Sometimes you can click on an email and load a malicious program onto YOUR computer – and lead to unfortunate results.
A few years go my aged and beloved father started sending me Hard Core XXX Porn. I called him up. ‘Dad – something you need to tell me’? What what he said? Well – turns out he had clicked on an email that launched a virus that stole his windows address book -and mailed it to an address in China. So a Chinese server was emailing the same message to all the people my Dad knew.
Porn. ALL of his friends.
Problem with this kind of attack is that you have to change your email address. THEY WILL NOT STOP SENDING THE PORN (or spam or whatever else!). So he had to add a ‘1’ to the end of his gmail address and tell all is email receipients that from now on block my old address and my new address has a 1 at the end!
Sorry – but NOTHING ELSE WORKS.
One recent interesting thing shows the usefulness of those annoying security questions that websites ask. A customer recently forwarded me an email she got from Google – and it turns out it was legitimate.
Someone had gotten her password and tried to log into the account from Ashburn VA (no thats not where my customer lives). Google blocked the login because since it did not recognize that address as ‘valid’ it asked the security questions and the person was unable to answer. This means several things –
1) MAKE SURE YOU HAVE GOOD SECURITY QUESTIONS.
Either know all your answers – or – what another customer does – is answer ALL the security questions with the same answer. If your answer to all security questions is ‘I love George Bush’ (or ‘I love Bernie Sanders’ for those who .. well you get the idea) I can pretty much guarantee no one will guess that as your first pet’s name!
2) CHANGE YOUR PASSWORD IMMEDIATELY. No – your account was NOT hacked – as Google did not grant access – BUT THEY DO KNOW THE OLD PASSWORD. so CHANGE IT.
Now if YOU get any email like this you can ALWAYS forward them to me – and I’ll look into it and see if its legit!!!
Anyway – information overload. If you have any questions or concerns – let me know we will be happy to help!
And – I’m NOT trying to engender panic. Far from it. But we need to STOP being so complacent about our information. Its shocking to me how much folks just hang their information out there!
One COMMON way folks are guessing passwords – is from information on Facebook! If you go on and on about your Beloved Pet on Facebook – and my dear old Cat Orange just passed away so I would sympathize with doing so –
how stupid would it be to have a security question where the answer is your favorite pet’s name??? Now they DO get into Bank of America and you are paying for a trip to Cancun that you dont even get to go on!
NEED A WEBSITE? OR NEED YOURS UPDATED? OR WANT TO KNOW IF YOURS IS GOOD?
I’ve done over 700 of them – anywhere from $100 to $150,000.
AND I can host them – And I know what makes them work!!!
If you need one – or need yours improved – give me a holler. Happy to help! And I’ll take a look at your existing site and give my opinion of it!
(and yes I’ve complimented some customers that they have a NICE website!)
Have some NICE Convertible PC laptops (ones where the touchscreen folks back over and turns into a tablet).
A nice Lenovo Yoga 2 – 11 inch – all set to go with Windows 10!
And a nice touch screen dell 15in laptop.
Still have a wonderful 2011 27in Imac needing a home!
Its an 3.4ghz I7 with 8gb of ram and a 2 Terabyte Drive!! TASTY! $1200
Also got in a 2011 17in Macbook Pro – with a spanking new logic board. VERY MUCH LIKE MY OWN! Looks BEAUTIFUL!. worth about $1200
Have several of the 2013 21.5in Imac (one of the new SuperThin models). Has a broken screen, but when it gets an owner I’ll replace it and give a 6 month warranty!
Also have a 2015 15in retina that will be available soon. VERY nice and we are repairing the logic board currently (we do component level repair after all)
I have several 2013 Retina 13in laptops – 128gb and 256gb drives – all set to go!
A couple of Mac Airs are onhand – 2013 13 inch and 2014 11 inch.
ALL WITH A SIX MONTH WARRANTY!
Take care folks. and look forward to hear from you!