How Many Sites Are Hacked?
That doesn’t seem to be a question that can be answered with any precision. Reason? There are just too many, as in this graphic from a site that does track hacks. The answer it gives is “thousands each day.”
In 2014 a CNN headline read “Half of American adults hacked this year.” That could mean anything from a person’s account being included in a large data breach to an individual computer being infected with malware. So the statistics are not reliable, but the implication is clear. Many users are being hacked, and all indications are that it’s getting worse, not better.
While protecting yourself against hacks should be the name of the game, it’s important to know when you have been hacked.
How Do You Know You’ve Been Hacked?
The easiest way, of course, is if a site sends an alert that an account has been hacked. Financial services sites keep a careful eye on the accounts of customers and are often quick to notify them or potential problems. I’ll write an entire post on keeping those accounts safe at a later date because it’s so important. As suggested in the post on breaches, companies should notify users that accounts might have been breached. That’s a strong signal to watch out for an actual hack. But that’s exactly the point. Individuals need to watch their accounts for sign of a hack and take remedial action.
Signs your computer may have been hacked include:
• Device running noticeably slower
• Network activity noticeably higher
This can be a rather complex issue. The simple answer is if a device bill has gone up without explanation. Some devices or the bills for them show data consumption and that’s one way. See whether your wifi router has protection and reporting options built in. Ask your service provider if you need to understand something going on with the account consumption figures or billing.
• Pop-up ads with malicious content
• Security software uninstalled
• Sending spam email
• Unable to sign into accounts.
A blog called Livewire puts it in a colorful way:
You opened an e-mail attachment that you probably shouldn't have and now your computer has slowed to a crawl and other strange things are happening. Your bank called you saying there has been some strange activity on your account and your ISP has just "null routed" all traffic from your computer because they claim it is now part of a zombie botnet. All this and it's only Monday.
There are many more specifics, but a user should be on the alert any time strange and inexplicable things start happening on any connected device First, a short set of recommendations on prevention. Virtually everything I write in this blog will have some relation to preventing hacking. Then, a set of recommendations on what to do if you have been hacked.
How Do You Prevent Hacking?
The first and foremost way is to keep your computer and home network security up to date. Be sure you have an operational security system and that it’s updated as needed. Individuals often get security software for free when they buy a new device. They may also be able to get free security software from their ISP. Free is good and in my experience the software offered is one of the leading brands. When for some reason you must purchase a security system, search for the brand and read what it says and what is said about it. At a minimum the software must have a firewall that protects against malicious activities and strong protection against viruses. If parental control is important, look for that. Some also have backup and computer optimization tools.
Be sure that, at a minimum, the software includes protection against viruses, malware, dangerous websites, malicious emails and downloads, and hackers. Many products offer additional services that users may or may not need. What most of us do need today is protection on multiple devices.
There are other steps you should take like making sure your passwords are strong and safe. Those will be covered in future post. For now, let’s look at what to do if it seems that a computer has been hacked.
What To Do If You Think You’ve Been Hacked
There are millions of articles online about what to do if a computer seems to have been hacked. I encourage you to search and to read some of the top-ranked ones. I’m going to summarize the non-technical steps that can be taken immediately without cost or much effort.
The first thing to do is to manually start a virus scan; don’t wait for it to start automatically. Carefully review the report, but it is important to remove all the infected files.
It is a good idea to do a separate malware scan especially if you are unsure whether the security system software includes that. I’ve been using the free version of Malwarebytes for years. Early on, it would pick up a lot of malicious accounts. Now it usually picks up only a few, suggesting that my security software is more effective than it used to be. Even one malicious item is one too many, though, so run a malware program to be sure.
Then change passwords that might have been caught up in the hack. If the hack is part of a large data breach, that pinpoints the affected account(s). If it’s email, change that password and consider notifying your contact list not to open anything suspicious that comes from you. If it’s not easy to identify the affected accounts, change all the passwords for sensitive accounts like banking and credit cards.
Take these first two/three important steps in this order to rid the computer of the virus which may be stealing passwords.
Examine the account that has been hacked to be sure that data like billing and shipping addresses is correct. If the site has a procedure to follow for hacked accounts, be sure to follow it.
Request a free copy of your credit account and review it for suspicious activity in existing accounts and for accounts that may have been established without your knowledge. This is not the same as the credit score, it’s a detailed account of activity on all credit card and loan accounts. Each person can receive a free credit report each year from each of the three large credit monitoring agencies. It’s usually best to request one at a time with a delay between requests to stretch the time period covered as much as possible.
If problems continue, you may need to take more technical measures. This is a recent blog post that gives a process. If it is daunting, the best solution may be to take the computer to a professional.
Better Safe Than Sorry
It’s a huge pain to deal with a hack, so prevention really is the name of the game. I’ll place continuing emphasis on that in future posts.
Until then, stay safe!
No comments:
Post a Comment