The latest hack is the largest data breach we’ve seen yet, but the way to proceed from here forward hasn’t changed.
Hackers are showing their faces in growing fashion these days, and data breaches are becoming more and more common. The recent Russian hacking event is the second in less than a year, after the massive Target data breach via a Wi-Fi network – over which Target’s CEO “forcefully” resigned. While these events are growing in occurrence, these aren’t first-time events; hacks have happened before, and yet, the Internet pushes forward.
Our information is important, but there’re a few questions we need to answer in order to think through the latest data breach correctly.
Did Russian hackers really steal user data, or is this a clever bluff?
Did Russian hackers really steal 1.2 billion usernames and passwords, or is this just another scare tactic? If it’s a scare tactic (which we doubt it is), what’s the point? If hackers were to say, “Okay, we have all your username and password information,” what do they hope to gain by it all? Do they just expect you to throw your hands up and say, “here’s my social security number, credit card number, and other personal information”? If the latest Russian hacker event is nothing more than a scare tactic, there’s nothing to be gained by going through with it. And, to be honest, we don’t think Russian hackers would play around with scaring people if they could instead spend their time stealing actual user data: credit card information, social security numbers, and the like.
With that said, what are some things you can do if you want to take some action in light of the latest hacker event?
Tips on how to handle hacker events
What can you do if you want to take action against hackers both now and in the future? There’re a few things you can do. First, be sure to take advantage of websites that offer two-step authentication features such as Google’s Gmail and others. There are a number of cloud storage services such as Box that alert you when another device from the parent one accesses your cloud storage. If your cloud storage account is based on your laptop, but you access it from your smartphone, Box will contact you to alert you of the access. This is a good way to know if you’re accessing your account or if some hacker’s got his dirty fingers in your information.
Another good way to protect yourself against hackers is to ensure the strength of your user information. Now, in the last few years, a number of sites have warned individuals against using easy passwords – and a number of sites will prevent you from signing up for a service if your password is “weak,” as they say. You need a strong password that includes numbers and letters and a combination of those that’s not predictable.
You should also try to make your username unpredictable as well. Most individuals type their name, or a basic username (all letters), without considering that having an easy username makes obtaining the password that much easier.
Password managers can also ease the process. Password managers keep your information stored on your computer so that hackers can’t access it remotely. Apple’s iCloud Keychain is a good example of a password manager, although there are others. The purpose is to help you keep track of all your passwords while you browse the Web. At the same time, however, this can also be a tool that falls into the wrong hands should your smartphone or tablet get stolen.
Next, check to see if you can enact certain security measures on your mobile devices for websites you use regularly. For example, Android smartphone settings allow you to enact a blocker that won’t allow you to download third-party apps outside of the Google Play Store. This will prevent hackers from downloading malicious app content onto your device remotely that can then take over your device and steal all of your personal information. You can also do this with websites, by not saving your passwords and by logging out of sites on a regular basis.
What can you do, ultimately? Not much. Hackers such as CyberVor won’t be punished in the US or in other countries, and they either have your personal information or not. While they stole emails, usernames, and passwords, they didn’t steal credit card data and social security numbers as the Target hackers stole several months ago. This is good news because you can always enact new passwords and usernames to wrangle an account back under your control.
At the same time, however, hackers will be hackers, and the Internet will be a place that requires risk whenever you log onto any website. The key to having a successful experience for a lifetime with the Internet is to keep in mind that you are your information on the Web. If you wouldn’t post pictures exposing yourself on the Web, don’t negligently share your information with every social network, instant messaging app, and online dating service that comes to mind. Vigilance and precision are key.
In the end, we would recommend that you not use maintain your passwords on any sites at all. While we would recommend keeping your usernames and passwords in the same place, we wouldn’t recommend that you stay “logged in” to regular sites – nor would we recommend using the same username and passwords for all your sites. We would say that you should’ve some combination of passwords and usernames, even if you use a certain set of username/password combinations. The point is to not allow your information to be easily obtained.
You can’t stop hackers, but you can make their jobs more difficult. And hackers are thieves, no different than common thieves: if thieves attempt to break into your car and can’t because of shatter-proof glass, they’re unlikely to continue trying to break into your car because it takes too long – and they’ll risk getting caught. Online thieves are no different: if it takes too much effort to break into your accounts, they’re less likely to worry with you and move on to an easier victim.
The goal is not to make your accounts hack-proof, but to make them less accessible. You’ll never be able to make them hack-proof, but you can aim for greater Internet security and defense. And, once we stop giving attention to hackers and stop allowing them to feed off our fears about Internet security, they’ll go away. We promise.