Hacking refers to activities that seek to compromise digital devices, such as computers, smartphones, tablets, and even entire networks. And while hacking might not always be for malicious purposes, nowadays most references to hacking and hackers characterize it/them as unlawful activity by cybercriminals—motivated by financial gain, protest, information gathering (spying), and even just for the “fun” of the challenge.
Many think that “hacker” refers to some self-taught whiz kid or rogue programmer skilled at modifying computer hardware or software so it can be used in ways outside the original developers‘ intent. But this is a narrow view that doesn’t begin to encompass the wide range of reasons why someone turns to hack.
Hacking is typically technical (like creating malvertising that deposits malware in a drive-by attack requiring no user interaction). But hackers can also use psychology to trick the user into clicking on a malicious attachment or providing personal data. These tactics are referred to as “social engineering.”
“Hacking has evolved from teenage mischief into a billion-dollar growth business.”
It’s accurate to characterize hacking as an over-arching umbrella term for activity behind most if not all of the malware and malicious cyberattacks on the computing public, businesses, and governments. Besides social engineering and malvertising, common hacking techniques include:
As such, hacking has evolved from teenage mischief into a billion-dollar growth business, whose adherents have established a criminal infrastructure that develops and sells turnkey hacking tools to would-be crooks with less sophisticated technical skills (known as “script kiddies”).
Who Are Hackers?
A hacker is an individual who uses a computer, networking or other skills to overcome a technical problem. The term hacker may refer to anyone with technical skills, but it often refers to a person who uses his or her abilities to gain unauthorized access to systems or networks to commit crimes.
How to Protect Yourself From Hacking?
Think about your home computer as a company. What can you do to protect it against cybercriminals? Instead of sitting back and waiting to get infected, why not arm yourself and fight back?
Bad guys, beware. We’ve got 10 ways to beat you.
- Update your OS and other software frequently, if not automatically. This keeps hackers from accessing your computer through vulnerabilities in outdated programs (which can be exploited by malware). For extra protection, enable Microsoft product updates so that the Office Suite will be updated at the same time. Consider retiring particularly susceptible software such as Java or Flash, especially as many sites and services continue to move away from them.
- Download up-to-date security programs, including anti-malware software with multiple technologies for protecting against spyware, ransomware, and exploits, as well as a firewall, if your OS didn’t come pre-packaged with it. (You’ll want to check if your OS has both firewall and antivirus built-in and enabled by default and whether those programs are compatible with additional cybersecurity software.)
- Destroy all traces of your info on the hardware you plan on selling. Consider using d-ban to erase your hard drive. For those looking to pillage your recycled devices, this makes information much more difficult to recover. If the information you’d like to protect is critical enough, removing the platters where the information is stored then destroying them is the way to go.
- Do not use open Wi-Fi on your router; it makes it too easy for threat actors to steal your connection and download illegal files. Protect your Wi-Fi with an encrypted password, and consider refreshing your equipment every few years. Some routers have vulnerabilities that are never patched. Newer routers allow you to provide guests with segregated wireless access. Plus, they make frequent password changes easier.
- Speaking of passwords: password protects all of your devices, including your desktop, laptop, phone, smartwatch, tablet, camera, lawnmower…you get the idea. The ubiquity of mobile devices makes them especially vulnerable. Lock your phone and make the timeout fairly short. Use fingerprint lock for the iPhone and passkey or swipe for Android. “It’s easy to forget that mobile devices are essentially small computers that just happen to fit in your pocket and can be used as a phone,” says Jean-Philippe Taggart, Senior Security Researcher at Malwarebytes. “Your mobile device contains a veritable treasure trove of personal information and, once unlocked, can lead to devastating consequences.”
- Sensing a pattern here? Create difficult passwords, and never use the same ones across multiple services. If that’s as painful as a stake to a vampire’s heart, use a password manager like LastPass or 1Password. For extra hacker protection, ask about two-step authentication. Several services have only recently started to offer 2FA, and they require the user to initiate the process. Trust us, the extra friction is worth it. Two-factor authentication makes taking over an account that much more difficult, and on the flip side, much easier to reclaim should the worst happen.
- Come up with creative answers for your security questions. People can now figure out your mother’s maiden name or where you graduated from high school with a simple Google search. Consider answering like a crazy person.
- Practice smart emailing. Phishing campaigns still exist, but cybercriminals have become much cleverer than that Nigerian prince who needs your money. Hover over links to see their actual URLs (as opposed to just seeing words in hyperlink text). Also, check to see if the email is really from the person or company claiming to have sent it. If you’re not sure, pay attention to awkward sentence construction and formatting. If something still seems fishy, do a quick search on the Internet for the subject line. Others may have been scammed and posted about it online.
- Some websites will ask you to sign in with a specific service to access features or post a comment. Ensure the login option isn’t a sneaky phish, and if you’re permitting an app to perform a task, ensure you know how to revoke access once you no longer need it. Old, abandoned connections from service to service are an easy way to see your main account compromised by spam.
- Keep sensitive data off the cloud. “No matter which way you cut it, data stored on the cloud doesn’t belong to you,” says Taggart. “There are very few cloud storage solutions that offer encryption for ‘data at rest.’ Use the cloud accordingly. If it’s important, don’t.”
To get more updates, subscribe to TheWebOrion.com.