Friday, 3 July 2015

Too Much Hacking

Too Much Hacking

David Hayward grows a beard and goes to live in a cave

I was reading an article the other day regarding some extreme hacks, and it got me thinking about how much we, as a society, rely on technology and how easy it is for that technology to be manipulated by others.

The more I thought about it, and the more I looked into various hacking methods and what kinds of devices and connected technologies can be hacked, the more I became paranoid about the world around me.


I looked at the phone sat innocently on my desk and considered that the camera could be activated remotely, without me ever knowing and that my every move could be observed. And how the microphone could similarly be activated and every word I utter could be monitored. How my browsing history is an open book to some, where I shop, what I buy, how much money I have in my account, what I did last weekend… the list goes on.

By the end of it, I was quite prepared to chuck every connected item in the bin and live as a bearded hermit in deepest, darkest Cumbria. However, I came to my senses. And had a shave.

While everything we own may be hackable, you have to consider that unless you’re a celebrity posting naughty pictures of yourself or a politician with something to hide, then the chances of you being the subject of a full-blown technology hack are fairly slim. But it’s worth having the thought at the back of your mind as to just how vulnerable everyday devices really are.

Cash Points


Problem: Cashpoints are one of the more famous hackable connected items of modern-day technology. Most of them run older, unpatched versions of an operating system; some even still have Windows XP installed. This makes them especially open to specialised hacks, which can include secret security codes to bypass the user front-end (not very secret codes, I might add) and infected USB sticks that will automatically run a sequence of executables upon insertion.

Once the hacker has access to the engineer door at the back, all they need to do is tell the machine which cassette to empty, and the dispense operation takes place. The result is like winning a fruit machine: the cash keeps on coming.

Solution: For the banks, shops and other establishments who rent or own a cashpoint, the solution is to keep the machine under a careful watch without compromising customer security. Also, there’s the impossible task of keeping every machine and its operating system up to date and patched.

Will it work? Probably not. No matter what the security barriers are, inventive hackers will undoubtedly find a way around them in the end.

The Cloud


Problem: Cloud storage is a wonderful invention of modern times, an off-site storage facility where you can drop all manner of files, to be accessed by anyone who you give permission to anywhere in the world and from any connected device.

It’s quite surprising to hear what nontechnical people think cloud storage actually is. There are some imaginative answers if you Google them, but the overall point is that not many of them realise that a cloud is simply a group of computers held in a server room somewhere.

We all know that, of course, and with that knowledge comes the fact that pretty much any computer in existence can be hacked and its contents viewed by others. Take, for example, the infamous leaking of private photos from celebrities’ phones. All those celebrities’ accounts were hacked and their private photos copied for all the world to see.

Do you trust cloud storage? Most of the time, it’s fairly secure, but there are occasions when a set of passwords and accounts are compromised.

Solution: You could create your own cloud, using a NAS setup. That way you’re in control of the security. Alternatively, you could carry the information around with you on a USB stick or your phone perhaps.

Smartphones


Problem: Mobile security is one of the fastest growing industries in the technology world. Just recently there was a news report of a security flaw that left 600 million Samsung smartphones at risk of hacking. And, of course, there are countless stories of apps being able to access your camera, microphone, call list, contacts and other personal information. As an example, have you ever read the data policy for the Facebook app?

The amount of information we currently hold on a smartphone is quick shocking. Everything we do, everywhere we go and everyone we’re in contact with is all accessible to those who know how to gain that information. Scary stuff, isn’t it?

Solution: Maybe we shouldn’t place so much information on a device that’s constantly beaming out its location and telling the world “I’m over here!”

If we need to be in contact, perhaps an older device will do just as well? Or we could carry lots of 10p coins around with us for the dwindling number of phone boxes left.

Cyber Weapons


Problem: Stuxnet is credited as marking the beginning of the digital cold war. This malicious string of code was allegedly, according to the New York Times, created to wreak havoc on the Iranian nuclear facilities. The idea behind it, as far as we can tell, is that the code is transferred via bad USB sticks and infects systems by reporting good operation parameters while secretly causing damage to the hardware in the reactor.

There are naturally many theories regarding who created Stuxnet, but the finger of guilt mainly points to some agency of the US government. Whoever it was, they created one of the nastiest examples of cyber weapons in modern history – and Stuxnet is only the one we currently know about.

Solution: You may not see yourself as the potential victim of a cyber weapon, unless you put radioactive material out in your recycle bin. So how can something like this affect you?

Cyber weapons are just the baseline for intrusion and eavesdropping hacks. If current theories are even slightly correct, then there’s a good chance an unknown cyber weapon has already infected every connected computer OS in the world and is gathering information as we speak.

If that’s true, then there’s not much you can do other than totally disconnect and use a ZX Spectrum for word processing. That beard and hermit life in Cumbria is looking more appealing by the second.

It’s All Too Much


It’s enough to drive you insane, thinking of what may lie inside the billions of lines of code that continually whizz through the airwaves. However, let’s take a moment to ease the paranoia and remember that unless you’re someone who’s viewed as being special, then most hackers aren’t interested in you.

On the other hand, it’s worth taking sensible precautions and keeping your data as private as possible. You know, just in case…

How To Protect Yourself?


Unless you ditch every item of technology, there’s not a huge amount you can do if someone ‘really’ wanted to gain access to your data. However, there are options available to help limit the impact a hacker has on you.

• Use a good VPN for browsing, like CyberGhost (goo.gl/4LCkBV).
• Don’t bank from a mobile device.
• Read the small print on every installed app carefully.
• Avoid dodgy sites at all costs.
• Stay up to date with security patching and OS updates.
• Consider using a virtual image OS for browsing, a Linux OS designed for security.
• Use a sandbox installation environment.
• Don’t upload naked pictures of yourself!
• Consider using a banking book instead of your debit card.
• Grow a beard, in preparation of hermit life.
• Turn off your router at night.
• Don’t always be connected