{12:28} But if I cast out devils by the Spirit of God, then the kingdom of God is come unto you.
{12:29} Or else how can one enter into a strong man’s house, and spoil his goods, except he first bind the strong man? and then he will spoil his house.
{12:30} He that is not with me is against me; and he that gathereth not with me scattereth abroad.
Excerpt from Matthew 12 vs 28 – 30 in the King James Version of the Bible
By now you must have heard of the famous hack by a Russian Gang that stole some 1.2 billion Logins and passwords from 420,000 websites over a year-long period, as reported in the article “Hackers nab 1.2B passwords in colossal breach, says security firm”, published August 5, 2014 6:10 PM PDT by Dara Kerr, CNET News.
According to the article “Russian Hackers Amass Over a Billion Internet Passwords”, published AUG. 5, 2014 By NICOLE PERLROTH and DAVID GELLES, The New York Times, once the hackers had amassed enough information, they would assess the level of security of the website.
They basically used common Website and Network analysis tools to do what’s often referred to as scraping, i.e. combing the websites for HTML (HyperText Markup Language), CSS (Cascading Style Sheets), PHP and JavaScript errors using special Network and Website Analysis Tools.
These Tools are listed below, as explained in my blog article entitled “GOJ securing Government Websites against Hackers - Linux-based GovNET to remove Windows vulnerabilities and change Human Behaviour”:
1. Micro System Tools A1 Sitemap Generator to create sitemaps of Websites
2. HTTrack to download the entire website for analysis and deconstruction
3. Atomic Email Hunter to scan websites for email
4. Atomic Email Sender to send anonymous spam email to perform phishing attacks
There are more advanced tools than these, but for the sheer sake of NOT creating wannabe hackers, these are the only ones I’ll list, sans hyperlinks to them; you’ll have to Google that yourself!
If the website has enough exploitable vulnerabilities, they then set up the usual Botnet Network to brute force lists of passwords and gain Admin Level Access within that Website, as described in my blog article entitled “How Scammers and Hackers are on the Rebound Laundering Money - Minister of National Security Peter Bunting misguided on Scammers”.
How to protect yourself from being Hacked – Defense Against the Dark Arts of Hacking and Phishing
As the title says, this portion of my article focuses on protecting yourself from being hacked, as right now, with 1.2 billion Website Logins and Passwords stolen, no security company can protect you from something that’s NOT a virus. I’ve already dispensed advice on how to reduce your chances of being hacked in my previous blog articles as listed above.
But as this is a unique and unprecedented hack, the largest in history that I know of, my sage advice distilled in those previous articles is worth re-bottling and repeating ad nauseam: Make sure to use a Secure password. As the Bible verse at the top of my article implies, for someone to break into your house, they have to defeat the system (the strong man) before they can break into your house.
So here are a few Tips distilled from the articles “The guide to password (and why you should care)”, published May 10, 2012 12:55 AM PDT by Sharon Profis, CNET News and “You've been hacked! Here's what to do”, published August 6, 2014: 12:55 PM ET By James O'Toole and Jose Pagliery, CNNTech News, to help you secure your Login in case you’re in that Russian Hackers’ List of Logins and Passwords:
1. Use a strong password, preferably made up of a mixture of alphanumeric characters i.e. capital and common letters and numbers in no particular order. 16 to 20 such characters should suffice.
2. Don’t use the same password for every account you have online, even if the password is secure. Have separate passwords for every account you have.
3. Do not store passwords in documents on your computer. That’s like keeping a key under your flowerpot. If the hacker finds those keys, he’s got access to everything.
4. Change your password every 30 days or more often to create adequate password rotation and thus baffle hackers.
5. If your online accounts have two-step verification i.e. password and a code sent to your cellphone via SMS, then enable it as a means of preventing hackers from gaining access to your account.
6. Disconnect your computer from the Internet when not in use. Hackers take advantage of the fact that many homeowners and companies operate in an always-on environment, giving them time to hack accounts and then computers.
7. If you use your passwords in a cybercafé or Internet Café, be careful of persons lurking around and of installed keyloggers, as explained in my blog article entitled “Professor Marco Gercke warns of Scammers using Keyloggers for Spear Phishing - How to use Keyloggers and how to Protect yourself from Scammer's American Hustle for Fast Cash”.
8. Don’t respond to emails from unknown sources or click on Links in these emails. That’s all the hacker needs to set up a phishing attack. Just mark them as Spam and delete them.
That’s basically it.
If you’re having problems creating and rotating passwords, you can automate that process. Download Random Password Generator, a program that can randomly create passwords for you to use online. If you can’t remember all your passwords, use LastPass or 1Password as third-party options to handle your passwords for your various Applications and accounts. Finally, use How Secure is my Password as a means of testing the security level of your password.
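
The automation described above, shown as an added example that is not part of the original article or of any of the tools it names: Python code that generates passwords following tips 1 and 2 (16 to 20 mixed alphanumeric characters, a different one for every account). The function names and the sample account names are assumptions made for the illustration.

```python
import math
import secrets
import string

# Alphabet from tip 1: capital letters, common (lowercase) letters and numbers.
ALPHABET = string.ascii_uppercase + string.ascii_lowercase + string.digits


def generate_password(length=16):
    """Return a random alphanumeric password of 16 to 20 characters (tip 1)."""
    if not 16 <= length <= 20:
        raise ValueError("tip 1 asks for 16 to 20 characters")
    while True:
        # secrets draws from the operating system's CSPRNG; the random module does not.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Redraw if a character class is missing, so every password mixes all three.
        if (any(c.isupper() for c in candidate)
                and any(c.islower() for c in candidate)
                and any(c.isdigit() for c in candidate)):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound, in bits, on the guessing entropy of a uniformly random password."""
    return length * math.log2(alphabet_size)


def passwords_for(accounts, length=16):
    """Issue every account its own password (tip 2), never a shared one."""
    issued = {}
    for account in accounts:
        password = generate_password(length)
        # A collision is astronomically unlikely; redraw anyway to guarantee uniqueness.
        while password in issued.values():
            password = generate_password(length)
        issued[account] = password
    return issued


if __name__ == "__main__":
    # Constructed account names, for illustration only.
    for account, password in passwords_for(["email", "bank", "blog"], length=20).items():
        print(f"{account}: {password}")
    print(f"about {entropy_bits(20):.0f} bits per 20-character password")
```

In keeping with tip 3, the generated passwords belong in a password manager such as the ones named above, not in a document on the computer.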
Using Secure Passwords for each of your services that you rotate often and not responding to suspicious emails and links is the best Defense Against the Dark Arts of Hacking and Phishing.
And chase those Devils out of your Computer! Here’s the link: