A new bill being proposed would allow computer users to hack back any hackers that strike them. This will give them the ability to destroy any data stolen from them, as well as giving a little digital pay back. Leo says that it's hard to know where the attack is coming from and you could make matters worse for some innocent person who was also hacked, with their computers and email addresses used as an alias for the real hacker. He also says this is asking for trouble because hackers are far more sophisticated than their victims.
Equifax was recently hacked and over 143 million people had their credit information stolen. Even worse, Equifax executives sat on the news for five weeks while many executives sold stock before it would tank. Leo says that this was insider trading plain and simple. Equifax has a higher duty to protect user credit information because we are required to have our credit monitored. They had one job: Protect the data that they gathered without our permission.
Securing your online accounts is vitally important. The consequences of being hacked can be great — someone could lock you out of your email account. If that account is used for password recovery for your other accounts, then a hacker could get access to all of those as well. There are a few basic things that you should make sure you do to protect your email account:
1. Provide a secondary email address for recovery.
2. Provide a phone number for password recovery.
3. Turn on 2 Factor Authentication.
This week was the annual DefCon hackers convention in Las Vegas and Leo says that hackers are now more interested in creating hacks for the government, where they can make more money than hacking online. They also created a 3D printed robot that was able to crack a safe in 30 minutes. Leo says it's not super practical, but still cool.
Hackers have been stealing people's information, filing their returns, and getting the refund. Last year, the IRS noticed that the FAFSA online system could get enough personal information that it could be used by hackers. In October, the IRS sent a memo to the Department of Education saying that the system could be abused. But because up to 15 million people used the system out of convenience, they kept it online. In February, the IRS noticed a pattern of fraudulent activity, and shut it down last month.
There are a lot of ways that bad actors online can compromise your computer. As their techniques become more sophisticated, it becomes more difficult to know whether or not your system has been compromised. There are some signs to look for, however, to tell if your computer is affected by malware.
You can always scan your computer with antivirus software. Microsoft includes its own antivirus utility as part of Windows 8 and above. You can also use the Malicious Software Removal Tool by pressing the Windows Key + R, typing in "MRT," and pressing enter.
Ransomware has always been a terrible plague of the internet, where bad guys inject software into your computer through phishing emails. They usually trick you by saying it's from your bank, the IRS, or even your boss asking you to open something. When you do that, it's an application that runs and scrambles all of your data and asks you to give them money to get the data back.
A new article on Motherboard details how hackers used a spearfishing attack to get passwords and break into the email of members of the Democrat National Committee, namely John Podesta, and also Colin Powell. The attack came as a phoney message from Google that someone had their password and they should change the password immediately, along with a big "change password" button.
A Distributed Denial of Service Attack (DDOS) hit the internet yesterday, tossing several networks offline. Leo says this happens all the time as robot computers are drafted to clog networks with phoney requests. What's disturbing about this particular attack is that it's using not only computers, but it's taking advantage of smart devices used in the home (called the internet of things), like routers, DVRs, smart refrigerators, and even internet enabled home security systems.
Tyler does a lot of social media through YouTube and Twitch and he's been hit by a DDoS attack. Leo says that those attacks are easy and are usually done by a troll who has an axe to grind. But they can't go after Twitch, so he's attacking his personal IP address. Leo says to call the ISP and request a new address. Running through a VPN will prevent it since it's an encrypted tunnel and they can't see the IP.