For as long as there have been governments, there have been spy agencies, and for as long as there have been spy agencies, they’ve done spying. Spy agencies are always looking for ways to get information. Information is valuable, always has been, always will be. ~Avast CEO Vince Steckler
New documents from the many that were leaked by former US intelligence analyst Edward Snowden were published this week in The Intercept. They reveal that the U.S.’s National Security Agency (NSA) and its British counterpart, Government Communications Headquarters (GCHQ), spied on security companies including Avast, AVG, Kaspersky Lab, and Antiy. The spy agencies seem to be targeting non-American security companies; Avast and AVG are based in Prague, Czech Republic; Kaspersky is based in Moscow, Russia; and Antiy is Chinese. Together, these companies have nearly a billion users. No U.S. or U.K. -based companies were included in the list.
“Geopolitically, it makes sense that the NSA and GCHQ are targeting products that are prevalently used by foreign governments, like Kaspersky in Russia or CheckPoint in Israel,” said Steckler in an interview with RT News. “On the flip side, Russian or Chinese spy agencies may be similarly targeting products that the American government heavily uses, for example Symantec and McAfee. We’re hearing just one side of the story.”
Reportedly, the NSA and GCHQ experts reverse engineered the antivirus software in order to exploit it and prevent detection of their own activities.
“It is difficult to tell if the NSA, the GCHQ, or other government agencies have ever tried to reverse engineer our software,” said Steckler. “Even if they did, they would only be able to do so on the client side, which includes simple pattern detection. However, they could not reverse engineer our backend, which includes our sophisticated machine-learning classification.”
The documents also say that the organizations recommended monitoring customers who reported malware “to see if they’re into more nefarious activity.”
While some companies most likely partner with the governments in their home countries, that’s not something Avast does.
“The fact that the NSA may be targeting us – while some major U.S. and British security companies are left out from their list proves that we don’t work with the NSA and GCHQ,” said Steckler. “Ones not on the list quite likely provide their source code and thus there is no need to reverse engineer. Our commitment to our customers is to provide protection from all forms of spying.”
Mr. Steckler spoke to RT News, a Russian television network, about the new revelations. Watch the interview now,
Last night the pilot episode of MR. ROBOT, a new thriller-drama series aired on USA Network.
The show revolves around Elliot who works as a cyber security engineer by day and is a vigilante hacker by night.
I watched the episode and then sat down with Avast security expert Pedram Amini, host of Avast’s new video podcast debuting next week, to find out if someone like you or me could be affected by the hacks that happened in the show.
In the second minute of the episode we see Elliot explaining to Rajid, owner of Ron’s Coffee, that he intercepted the café’s Wi-Fi network, which lead him to discover that Rajid ran a child pornography website.
Stefanie: How likely is it that someone can hack you while you’re using an open Wi-Fi hotspot?
Pedram: Anyone with a just a little technical knowledge can download free software online and observe people’s activities on open Wi-Fi. We went to San Francisco, New York, and Chicago for a Wi-Fi monitoring experiment and found that one-third of Wi-Fi networks are open, without password-protection. If you surf sites that are unprotected, meaning they use the HTTP protocol, while on open Wi-Fi, then anyone can see, for example, which Wikipedia articles you are reading, what you’re searching for on Bing, and even see what products you are browsing for on Amazon and eBay, if you do not log in to the site.
Stefanie: Wow! That’s a bit frightening… How can I protect myself then?
Pedram: You can stay safe while using any public Wi-Fi network by using a Virtual Private Network (VPN). A VPN creates a virtual shield and tunnels traffic to a proxy server. The proxy server protects your personal data, thus preventing hackers from accessing your files and other sensitive information stored on your device.
We actually found that more than half of Americans connect to free and open Wi-Fi networks and that of the 55% who do, 76% prefer networks that don’t require registration or a password to connect, yet only 6% use a VPN or proxy while connected to open Wi-Fi.
Fast forward to minute 10:55. We see Elliot with his therapist Krista, whom he hacked (hacking people is clearly his hobby ).
Stefanie: Elliot says that hacking Krista was simple, because her password was her favorite artist and her birth year backwards. We know that you should always use a complex password, more than eight characters and that your password should include letters, numbers, and symbols, but do most people really have complex passwords? Could having simple passwords really put you at risk?
Pedram: Most people, unfortunately, do not have complex passwords. For example, we found that one-third of American’s router passwords contain their address, name, phone number, a significant date, and their child’s or pet’s name. Not only that, but last year we found that most hackers’ passwords were only 6 characters long and that the most frequently used word in their passwords was the word “hack”.
Having a simple password that is either a dictionary word or that is comprised of personal information can put you at risk
If you think about it, bits and pieces of our private lives are scattered on the Internet. Someone can easily do a quick Google search, check out some of your social media sites and with a little time and patience, they can figure out your simple password. Even worse, if you use the same password for multiple sites, you really make it easy for hackers to hack all of your accounts.
Moving forward to minute 25, Angela, Elliot’s friend and colleague, calls him for help because their client, E Corp, a multinational conglomerate, has been hit with a DDoS attack.
Stefanie: What is a DDoS attack? Can this affect the average computer user?
Pedram: DDoS stands for distributed denial of service attack and is used to make a service unavailable. In the end we discover that the attack on E Corp was actually based on rootkits that had subverted a variety of servers, but I’ll continue to describe a DDoS attack.
DDoS attacks are sent by two or more people, but more often by an army of bots AKA a botnet. These bots send so many requests to a server that the server becomes overloaded and cannot provide its service anymore. DDoS attacks target large businesses, so the average computer user does not become affected, unless the service they want to use is not available because it has been hit by a DDoS attack.
However, the average user can help facilitate a DDoS attack unknowingly. We researched home routers and found that millions are vulnerable. Routers are connected to the Internet 24/7 and can be easily exploited and used as a bot, which, as I explained, can be used in a DDoS attack. A famous example is the hack of the Sony Playstation Network and Xbox Live last Christmas – the hacker group claimed they used a router botnet for the attack.
To prevent this from happening, people should make sure their router firmware is always up-to-date and perform a router scan to check if their router is vulnerable or not.
In minute 55, Elliot tries to hack Krista’s new boyfriend, Michael. He calls Michael pretending to be a from his bank’s fraud department, confirming his address and asking him security questions to verify his account: what his favorite baseball team is, his pet’s name. Using the information he gathered combined with a dictionary brute force attack he attempts to get Michael’s password.
Stefanie: What is a brute force attack? Can this happen to the average user?
Pedram: A brute force attack is password guessing which systematically checks all possible passwords until the correct one is found. Think of it like a machine going through a huge dictionary of passwords that types each one into an account to unlock it.
Brute force was likely one of the techniques used in hacking the iCloud accounts which eventually lead to the nude celebrity pics from stars like Jennifer Lawrence and Kirsten Dunst being distributed over the Internet. This type of attack is not exclusively used against celebrities. Hackers can use brute force attacks to hack any user accounts, given they have account email addresses. Typically, they would target accounts that hold credit card or other financial information they can abuse for financial gain. This is why, again, it is vital you use strong passwords for all of your accounts.
Stefanie: Thank you for the chat Pedram. I look forward to discussing Mr. Robot’s next episode, Ones and zer0es with you next week!
You can watch MR. ROBOT on USA Network Wednesday nights 10/9 central.
Follow Avast on Facebook, Twitter and Google+ where we will keep you updated on the new Avast video podcast hosted by Pedram Amini.
Do you dream of lounging with an umbrella drink on a sunny beach, hiking by a pristine lake in the cool mountains, or leisurely strolling through a world class museum? As you begin to make summer vacation plans, much of it planned and reserved via the Internet, here are a few scams to be aware of:
Fake vacation rentals
Private vacation rentals are growing in popularity and it’s easy to find one these days through portals like Airbnb, HomeAway, and Craigslist. A typical scam starts with attractive pictures of a property in a desired location. The phony landlord, who is really a scam artist, requires an up-front deposit on the rental that is typically sent by wire transfer. When the happy family arrives at the destination, it either doesn’t exist, it’s not at all like it was described, or it is not available for rental. It may even belong to someone else, who lives there and has no knowledge of the transaction.
How to protect yourself from vacation rental scams
Don’t be fooled by pretty pictures. Photoshop is amazing and an artist can do all kinds of tricks with it. Ask the property owner to send you additional photos. You can even look it up on Google’s Street View to make sure the property and address actually exists.
Use your credit card instead of cash to make any deposits. Cybercrooks prefer cash, so protect yourself by using your credit card. If you get in a jam, Visa, MasterCard, and American Express can help you recover money lost to fraud.
Fake vacation packages
“You’ve won a dream cruise to Bingo-Bongo Island!” A message like this may come to you via email or you may get a phone call from a hard-selling travel operator. Similar to the fake vacation rental, you are required to pay a deposit for your luxurious resort or cruise. When you arrive, you find out that the package was misrepresented and there are additional fees to be paid to get the “great deal.”
How to protect yourself from vacation package scams
Legitimate offers give you their cancellation and refund policy, along with details of the location of the vacation, the name of the cruise line or resort, the length of time you will be there, and contact information.
Get a confirmation or booking number from the cruise line, hotel, or airlines rather than the travel agency confirmation number. If the cruise line is not on your credit card statement, that is a warning flag.
Free airfare scams
Airfare is a big chunk of your vacation costs, so receiving a discount is welcome. But victims of airfare scams often find that after they pay they do not receive a confirmation or that their credit card has been declined. The only way to get the discount is to pay by wire transfer, which leaves the victim without a ticket and no way to claim a refund.
Social media scams, like this Southwest Airlines scam that has been going around Facebook for a few years, lure prospective travelers to malicious websites with sweepstakes offering free airline tickets. Victims are asked to complete online surveys which reveal personal information, and agree to hidden offers in the fine print of the contest. They are encouraged to share the scam which then gets sent to all their Facebook friends. This type of scam has been known to spread “lifejacking” malware as well. That gives a hacker control of your profile so viral messages are spread to your friend’s accounts.
How to protect yourself from free airfare scams
If it’s too good to be true, it probably is. Don’t open unsolicited emails, take phone calls, or share social posts that offer a once-in-a-lifetime deal without first confirming it’s real.
Apple’s Worldwide Developers Conference kicked off June 8 at San Francisco’s Moscone West.
Earlier this month, I was lucky enough to attend Apple’s Worldwide Developers Conference (WWDC) in San Francisco, where mobile developers from far and wide came together to learn about the future of iOS and OS X systems. Along with being the first time I was able to participate in this sought-after conference, it was also my first time visiting San Francisco.
Once you get past its glitz and the glamour, the majority of the event revolves around waiting in a series of queues — the day before the actual event began, the line for the event’s keynote lectures had formed around an entire city block. Although I wasn’t one of the first people to camp out there, I did arrive around 5:30 a.m. on Monday to stake out my spot. While the masses of people at WWDC can be a bit overwhelming, there really isn’t a better place to meet thousands of like-minded developers with whom one can strike up an interesting conversation discussing the ins and outs of of iOS development.
This year, Apple hosted 5,000 developers from 70 different countries, the vast majority of whom were present at WWDC for the first time. The WWDC Scholarship Program awarded 350 scholarships to recipients, the youngest of whom was Kiera Cawley, a 12-year-old app developer who has been coding since the age of nine. Apple CEO Tim Cook made a guest appearance at the conference’s special orientation session, mingling with the recipients and even taking selfies with some of them.
WWDC 2015
OS X EL CAPITAN — what a name! At first, I thought it had to be another joke from Craig Federighi, but I was wrong. A noteworthy new feature in El Capitan is the split view mode, which allows us to work on two apps simultaneously. Apple claims that there has been a 1.4x time increase in app launch times and 2x improvement in app switching speeds. In general, Apple has been quite busy and has made huge improvements for developers. The most exciting news is that Apple will be making Swift open source later this year — a big step forward for the developer community.
The recent release of iOS 9 makes the entire system smarter and more secure. Now, users can run two apps at once on an iPad, side by side in split view (the same feature present in OS X). This will be challenging for developers who still don’t prefer Auto Layout. For the rest of us, though, it works quite well. It’s also possible to make activities and documents within your app searchable using Spotlight or to include special links on your site that launch your app at a specific view. And yes, it’s still necessary to support iPhone 4s on iOS 9. However, it should be more optimized now more than ever before.
Jennifer Bailey announced release of Apple Pay in the UK next month. This was a bad piece of news for the developer sitting right next to me. He was working as a freelancer for a company that provides mobile payments in the UK via iOS. “My company is screwed and I should start looking for a new job,” he said in response to Bailey’s announcement. Apple Pay’s imminent launch is, unfortunately, not the best update for people whose jobs revolve around mobile payments.
During the rest of the week, Apple featured 100 sessions and labs, and over 1000 Apple engineers were present and ready to give me advice. UI Design Lab was the most popular workshop at the conference, and you could count on the fact that there’d be a huge line every day. After trying to get into the session every morning, I was finally able to make an appointment on Friday. In the end, it was worth the wait.
All in all, WWDC was a great opportunity to meet an impressive collection of talented developers and to discuss the vast amount of progress Apple has been making within the mobile sphere. See you next year, Apple!
VPN service Hola, which has millions of users, recently came under fire for not being as up front with their users as they should have been. In the past weeks it has been revealed that Hola does the following:
allows Hola users to use each others’ bandwidth
sells their users’ bandwidth to their sister company Luminati (which recently helped facilitate a botnet attack)
and, according to Vectra research, Hola can install and run code and additional software on their users’ devices without their users’ knowledge.
If you are an Hola user or if you know someone who uses Hola, please make sure you/they are aware of this.
The service, which can be downloaded either as an app or as a browser extension, is a peer-to-peer network that allows people to use other Hola users’ bandwidth to anonymize their browsing activities and to circumvent geo-restricted content.
What many users did not realize is that they were essentially exit nodes and other Hola users could use their bandwidth to carry out illegal activity, like accessing child pornography.
Additionally, Hola sells its users’ bandwidth to its sister company, Luminati. Prior to the end of May, Hola did not mention Luminati on its website. Luminati’s premium service, which was originally advertised as being an anonymization network, uses Hola’s users as nodes to redirect traffic through. Hola’s connection to Luminati was exposed after a Luminati client launched a DDOS attack on 8chan, using Hola’s network (users) as a botnet.
Researchers at Vectra, a security company that identifies cyber attacks, dug a little deeper and discovered that Hola can also download and install additional software without the user’s knowledge and can install and run code without the user’s knowledge as well. Furthermore, Vectra found that Hola contains a built in console, “zconsole”. Zconsole allows direct human interaction with an Hola node even when Hola is not being actively used by a user. With access to the console an attacker could, as Vectra points out, “accomplish almost anything” and launch a large and targeted attack.
What we can learn from this
There is one main lesson people should learn from the Hola situation: research the products you download and use.
What many people may not have been aware of in this situation was how their bandwidth could be abused by fellow Hola users and how much control Hola had. A VPN helps you to anonymize all of your browsing activities – and to access content in geo-restricted regions by redirecting it through other servers. This can, for example, be useful if you travel or live abroad and want to access content from your home country.
What you should research before choosing a VPN service
Before deciding which VPN service to use, research the VPN provider and make sure the provider you choose is trustworthy. Find out what methods they use. If they use servers to redirect traffic through, make sure you know who owns the servers, what they do with the data that flows through the servers and whether or not they keep your data or sell it to third parties.
Avast for example, offers free antivirus, but our Avast SecureLine VPN is a premium service. We charge for our VPN services, because we pay extra to own and maintain servers around the world to redirect traffic through. We do not log the data that flows via our VPN services.
Know how much control your VPN service really has Hola is available as an app and browser extension and as mentioned above, Vectra found that Hola is able to do a lot more than just redirect your traffic. Hola can download and run additional code through your browser, without your knowledge. Of course a VPN service is always going to have access to your personal data (otherwise it wouldn’t work). However, even if they don’t provide a VPN feature, browser extensions have immense control over your browser that most users may not be fully aware of.
“Browser extensions can see everything you see in your browser, as well as everything you type in your browser, including passwords. Untrustworthy browser extension vendors can easily misuse this data and it is therefore extremely important that users be careful when choosing which browser extensions to install. On top of that, browser extensions can also manipulate search results and slow down your browser.” Thomas Salomon, head of Browser Cleanup product development at Avast.
What you should do before downloading a browser extension
When deciding on whether or not you should download a browser extension, you should also first make sure the extension comes from a reliable and trusted source, read both professional and user reviews about the extension and read the extensions terms and conditions before downloading it.
What you should do if you have a bad extension installed on your browser If you are worried that you may have malicious extensions (they are often added when installing an otherwise legitimate program without you even noticing) installed on your browser or have an extension that is difficult to remove, you should run Avast Browser Cleanup. Avast Browser Cleanup is a tool that removes malicious and poorly rated add-ons and restores your browser to its initial and clean state. Avast Browser Cleanup is included in Avast and is now also available as a stand-alone product.
Keeping your browsing safe
Our browsing information is extremely valuable: we bank online, keep in touch with our loved ones via email and social media, search for everything under the sun on the Internet. Piece all this information together and you have someone’s complete identity, not something you want to hand over to just anyone.
VPNs and browser extensions, like Hola, become dangerous the minute they abuse their power, without openly informing their users of what they are doing. It is therefore vital that you are aware of what software you have installed on your computer and what extensions you have installed on your browser to keep your private information private.
Every June, a select group of students from high schools and middle schools in San Diego County, California, get five days of intense education in the art of defending computer systems.
We rely on our apps. Every day, we use our favorites to check the news, the weather forecast for our upcoming holidays, and to communicate with our beloved ones. Some apps, especially system apps, are continuously used regardless of other apps that are in use. Keyboard is one of them.
Recently, a dangerous vulnerability was discovered in the most popular keyboard, SwiftKey. The app always checks for language updates, but this process is not performed in a secure way. If you’re connected to an open or public Wi-Fi network, your phone is under risk of a very common –and dangerous –attack: the man-in-the-middle. MITM compromises your connection, allowing a third party to eavesdrop on your Internet activity. This includes the passwords you’re entering using the very same keyboard, your financial information—everything.
Your security depends on the use of a VPN. You probably already know what a VPN is and how it works. If not, you can find a lot of information in our blog. Like our product Avast SecureLine, a VPN creates an encrypted tunnel for inbound and outbound data of your Internet connection, blocking any possibility of a man-in-the-middle attack.
There is another need for a security program. When Google updates its app permission scheme in Lollipop, we’re alerted of a possible abuse of the scheme if an app requires more permissions under the “Other”category. However, in the next Android version M, apps will not ask permission for Internet connection (as you may think that any app requires Internet connection, right)?
If you have a Samsung S4, S5 or S6, running the stock operational system still poses as a risk —currently, the vulnerability has still yet to be resolved by SwitfKey nor Samsung. On the brighter side, you’re in luck if you use SwiftKey from Google Play (as an user app, not a system one) as it does not suffer from this issue.
You’re as secure as your apps’developers allow them to be. As shown in this case, even the most useful, popular app can contain vulnerabilities that could be abused without making use of proper protection when connecting to open Wi-Fi networks and having an up-to-date security app running in your Android..
Just about a year after a plethora of celebrities’ nude photos were leaked online, two homes in south Chicago have been raided and investigators have named one of the suspected hackers. As this controversial story and investigation continues to unfold, Avast researchers have come up with a few speculations regarding the origin and motivation behind the initial hack. We’ve discussed the case with one of Avast’s security researchers, Filip Chytry, who has put in his two cents about the situation:
GR: Why might have Apple not flagged or investigated an IP address’ 572 iCloud logins and attempted password resets?
FC: “Putting it simply, Apple just doesn’t have security implemented on this level. Even though they might sound large to us, attempting to track this number of logins and attempts to reset passwords is similar to discovering a needle in a haystack when it comes to Apple’s ecosystem. To give you a better idea of what I mean, a group of users who are connecting via a VPN and using the same server will appear under a single IP address. On the other hand, it’s quite common these days for companies to implement an automatic system which is capable of detecting any source(s) of traffic. It could be an automatic system which is able to learn from daily traffic and, using gathered data, detect if there is an anomaly present (such as the one in this case). Another key factor relevant in this attack is the timeframe over which it took place. If the hackers had accessed the various accounts over a much shorter period of time, such as a few hours, it would have undoubtedly been a huge red flag for Apple.”
GR: Couldn’t it be that a neighbor or another person in a remote location could have used the two PCs as a bot to execute the hack, similar to what’s discussed in the Tweets published within this Fusion article? Could it be that someone took control of the two PCs or the routers they’re connected to and used them to perform the hack?
FC: “Although DNS hijacking could very well be the culprit here, the extended period of time over which the hacks occurred makes this possibility less likely. It’s my theory that the suspected hacker(s) could have accessed the login details of a certain database that was uploaded by other users on a warez forum. They could have then used these login details to execute the iCloud logins using a script.”
There are a handful of coincidental components present in this investigation, leaving many questions unanswered in terms of finding the true path that led to the celebrities’ photos getting leaked. To many of us, the main thing that seems fishy about the malicious attack is the fact that the potential hackers didn’t make use of an IP-masking or anonymizing tool, making them come across as rookies within the hacker world. Since the cybercriminals behind this case didn’t appear to be clever enough to anonymize themselves, it’s even possible that they had ulterior motive for performing the hack in the first place – perhaps to be noticed and/or admired by other individuals or businesses. Based off of the current facts, we’re highly interested in seeing which direction this malicious attack’s investigation will take next.
Many of the Wi-Fi hotspots you use in your hometown and when you travel have major security flaws making it easy for hackers to see your browsing activity, searches, passwords, videos, emails, and other personal information. It’s a public Wi-Fi connection, meaning that you are sharing the network with lots of strangers. Those strangers can easily watch what you’re doing or steal a username and password to one of your accounts while you sip your latte.
An easy and affordable way to maintain your security whenever you use free Wi-Fi is to use a virtual private network (VPN). It sounds techie, but Avast has made it simple.
A VPN service, like our SecureLine VPN, routes all the data you’re sending and receiving through a private, secure network, even though you’re on a public one. That way, SecureLine makes you 100% anonymous while protecting your activity.
We have servers all over the world so you can connect to our virtual locations anytime you don’t want anyone to monitor or log your Internet activity. We just expanded SecureLine with an additional 10 servers to ensure you have a faster connection speed.
One of the great bonuses of SecureLine is that it allows you to visit local websites restricted to visitors from abroad. With SecureLine connected to a local server, you can watch your favorite shows or listen to streaming radio in another country. That’s because SecureLine makes it look like you’re connected from the right location to access the content. (You know those countries that have blocked Facebook, YouTube, and Twitter? A VPN is how people can still connect.)
When you connect SecureLine on your PC, Mac, or Android phone, here’s what you can expect.
1) Privacy protection – hides your Internet activity anywhere on the web
2) Bypassing geo-restricted content, so you can watch your favorite content
3) You are anonymous – we don’t log what users do when connected through SecureLine
4) Ease of use – only one click and you are connected to one of 24 servers worldwide
How to use SecureLine VPN
SecureLine VPN is part of Avast Antivirus. Simply open your Avast user interface, choose the Tools option in the left menu, then click the SecureLine VPN button. Licenses for Windows, Android, and iOS versions of Avast SecureLine VPN are separate.
Supports: Windows, iOS 7.0 or later, Android 4.0 and up
Servers: North America – Chicago, Dallas, Miami, New York, Salt Lake City, San Jose, Seattle, Montreal, Mexico City; Europe – Prague, Frankfurt, Madrid, Paris, London, Amsterdam, Warsaw, Bursa, Saint Petersburg; Asia/Oceania – Hong Kong, Tokyo, Seoul, Singapore, Melbourne
Forget about shoplifting or painting graffiti on the wall at midnight. Opportunistic teens are turning to cybercrime to get their kicks these days.
Teenage hackers range from pranksters to international kingpins.
A 14-year old boy in Florida was recently arrested and charged with a felony offense for unauthorized access against a computer system. The 8th grader said he was playing a prank on his teacher when he used the teacher’s administrative password to log onto a school computer and changed its desktop background to an image of two men kissing. The password was the teacher’s last name, and the prankster said he figured it out by watching the teacher type it in.
Across the country in California, two high school students were arrested for allegedly hacking into the school’s website and changing grades for about 120 students. It’s another case of “unauthorized access” and the school is working with the Cyber Crimes Bureau of the Los Angeles Sheriff’s Department to investigate.
Those two “cybercrimes” can’t compare to the one out of New Zealand. Police have detained an 18-year old they call the kingpin of an international cybercrime network. Together with other young adults in New Zealand, the US and elsewhere, he is accused of running a botnet comprised of 1.3 million hacked computers and skimming millions of dollars from victims’ bank accounts. The teen likely will be charged with having unauthorized access to computers and possessing computer hacking tools — charges that carry a maximum sentence of 10 years in prison.
Why are teens attracted to cybercrime?
One reason may be that it’s fun. Hackers were asked in a survey why they do it, and more than half said it provided them with a thrill. They also think they won’t get caught. Eighty-six percent of them aren’t worried about getting discovered or ever facing the consequences of their actions.
Others just want to prove their skills. Remember when the Australian teenager hacked Twitter because he was bored? That was back in 2009. When asked by The Independent why he did it, his response was, “To see if it could be done.”
The big rewards and rock-star status can be tempting. Rolling Stone did a story on a South Beach (Miami) 20-something year old hacker who had a glitzy, drug-fueled lifestyle while presiding over an international cybercrime ring that stole over 170 million credit and debit card numbers, estimated at $200 million.
Keep yourself safe online
It doesn’t really matter if it’s a bored teenager down the street or an underground cybercrime ring operating out of bunkers in a far away foreign land, you still need to take basic precautions to keep yourself and your data safe.
1. Make sure you have up-to-date antivirus protection with a firewall.
2. Keep your software and operating system up-to-date.
3. Be cautious of clicking on links in unfamiliar emails. Don’t provide personal information online, such as your password, financial information, or social security number, unless you are absolutely sure of where you are adn who you are dealing with.
4. Use strong passwords, and don’t use the same one for Facebook that you use for your bank. This blog has plenty of tips on how to create unique passwords and remember them too.
5. Learn what to do if something goes wrong. Find out who the appropriate authorities are in your area by contacting your Internet Service Provider or the Internet Crime Complaint Center.
