Around 11 a.m. on New Year’s Eve day, a Facebook friend in India sent an urgent message: My website had been hacked. Sure enough, when I went to my site and right-clicked my mouse to view the “source code” (the gibberish that shows what’s going on behind the scenes), I discovered that in addition to being a journalist and social media teacher, I was now also a purveyor of erectile dysfunction products.
As his night ticked down toward midnight, a man I know through techie forums and whose expertise I respect spent half an hour guiding me through the many steps of a website cleanse.
The irony wasn’t lost on me. Though a putative Internet maven, I fell into the clutches of a cyber-criminal who was clever enough to use my website to earn himself some money. Yet not once did I think, “How could this have happened to me?” Precisely because I am technologically savvy, I know that no one’s data is completely safe on the Internet.
(MORE: Block Identity Thieves With Enhanced Computer Security)
The Myth of the Strong Password
The new realities of Internet security are hitting our generation especially hard. After all, we were the ones who pioneered computer use — something today’s cool-kid Web 3.0 culture tends to forget. Our confidence in the medium is understandable.
Since the early days of ecommerce, vendors have gone to great lengths to assure us that our personal information is safe. At first we relied on just any old password, but recently we’ve been waking up to the importance of stronger passwords. Many sites now give instant feedback as to how “strong” our password is. Then, of course, there are all those security questions.
When we do hear about a breach, it’s often one that's impacted a corporation or the result of a “naïve” person who's done something foolish. Most of us feel pretty confident that it would never happen to us.
Invasion of the Identity Snatchers
The world of cyber-security underwent a game-change last summer, when not one but two top tech writers were spectacularly hacked. Mat Honan, a writer for Wired, was cyber-attacked by a 19-year-old who wanted his highly coveted three-letter Twitter handle @Mat.
To get it, the kid (who goes by “Phobia”) and a friend wiped out Honan’s entire digital life — in about an hour. It started with a call to the Apple Help Desk, and Phobia was able to give just enough data to convince the agent that he was Honan. That one password gave him the keys to the castle.
As Honan described in Wired, “First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.”
Honan also thought he had lost every picture he had of his one-year-old daughter, since he hadn’t been backing up his hard drive. Ultimately he was able to recover some of his passwords (from his cloud backup, Dropbox, on his wife’s laptop) and then his data. But it was an expensive lesson: He wound up spending $1,690 for the entire recovery.
Something similar happened to New York Times tech writer David Pogue a month later. His hackers were able to reset Pogue’s Apple password by answering security questions online. The model of Pogue’s first car? His current car? Where he was when the new millennium began? The answers to the first two questions were found on a Google search (Pogue has written about his cars). As for Y2K? They made a good guess. Where are most people on New Year’s Eve? A party. Once into his account, the hackers wreaked havoc with his address book and locked Pogue out of his kitchen iMac.
Don’t miss out on MORE great articles like this one. Click here to sign up for our weekly newsletter!
Photo courtesy of Maksim Kabakou/Shutterstock.com