Should we just give up?
By Beth Ziesenis, Your Nerdy Best Friend
Well, “worried” isn’t all of it. I’m angry. And scared. And fed up. For every amazing tool that comes along to help us with our world, some blankety-blank blank-hole hacker finds a way to sneak into it, with results from annoying to financially draining to downright life threatening.
Here’s a summary of just a few of the latest insane threats:
• Hackers used a Jeep’s entertainment system to take over someone’s car and make it stall into the middle of a busy street then forced the vehicle into a ditch. (It was an experiment the driver was in on, but crap!)
• Hackers grabbed all the data from the parent company of an adult site called Ashley Madison. Sure, the folks registered on that site were looking to cheat on their spouses and probably pretty crummy people, but there were 37 million of them. Interestingly enough, there’s nothing on Ashley Madison’s front page about the breach, and it still sports badges touting the site as secure and 100% discreet.
• The Federal Trade Commission is charging LifeLock, a service that promises to keep your data and identity secure, with deception in advertising.
• I just read this article about 8 ways hackers can get into your offline computer and phone — meaning you don’t even have to be online for the bad guys to get in. The technology can guess your keystrokes from vibrations and changes in power consumption, among other things.
• You have probably already heard of other major breaches, such as the U.S. government’s horrifying breach that exposed the data of 21.5 million people, including more than one million sets of fingerprints. People just discovered that more dangerous holes in Java and Flash software that let bad guys into your devices. Did you know that thieves can exploit your remote car entry system to rob your car in your driveway if your keys are on your kitchen table? Yeah. People suck.
I could go on and on. And on. And on.
So, what are we going to do? How can we protect ourselves?
I wish I had an easy answer. Many of the things that we’ve encountered lately are outside our control. We can’t do anything about our information being released to the world from the U.S. government’s databases. But we can and should take these steps:
This is perhaps the most important step you can take. We hear so often about breaches and hackers and cyber crime that it’s easy to tune it out. Keep reading these news alerts to know what’s happening. If you get an email from one of your services (your bank, social media account, etc.), FIRST make sure it’s a valid email, then read it and take action.
Also, when you hear about a large breach, you can plug your email into haveibeenpwned.com to see if your credentials show up on a list.
A couple of years ago, people found a huge hole in the security of something like 60% of websites — the Heartbleed Bug. People were warned to pay attention and change their passwords — like all their passwords. I bet less than half of us took that action. Like I said, we’re kind of suffering from hack fatigue. It’s a pain to stop what we’re doing and run in and change passwords or verify identity or what-have-you. But to stay safe, we need to take swift, immediate action to protect our identities and more.
One of the reasons that it’s such an inconvenience to go back and change a password is because we frequently forget the password and often can’t remember the answer to our security question. It’s not just you who can’t remember your father’s middle name. It’s a pain. I use the password manager LastPass to create complicated passwords that I can change with just a couple of clicks, but even LastPass was hacked (although I’m sticking with them because their overall shields held). If you don’t trust cloud-based password managers, try KeePass or PasswordCard.
A lot of smart people have written great advice on ways to surf safely and be smart online. I just met this security expert at the National Speakers Association conference (yes, that’s NSA. Heh.) He’s from Boston and is definitely wicked smhat. Google Online Security Blog just reported on the online safety habits of security professionals. Interesting, don’t you think?