When Wired News reporter Mat Honan had his digital life hackedand subsequently, virtually wiped outin August, the significant loss of data he endured wasn't the scariest part of the experience. Much more terrifying was the method by which hackers drilled into his digital accounts.
Using clever social engineering exploits, the hackers posed as Honan and succeeded in extracting key bits of personal information from Amazon and Apple customer support. With the critical data in hand, the hackers then locked Honan out of his Google account, commandeered his Twitter stream, seized control of his Apple ID number, and wiped his computing devices clean.
It was momentarily life-wrecking, at least.
If a hacker wanted to ruin your lifewhether by identity theft or by a simple Honan-esque data wipehow difficult would that objective be to achieve? The answer is that it's likely a lot easier than you think.
Are you an easy target?
According to a recent Harris Interactive poll commissioned by Dashlane, a company that manages passwords and personal data, most online Americans are concerned that their personal data might be used online without their knowledge. Approximately 88 percent of the 2208 adults surveyed cited being at least "somewhat concerned," and 29 percent claimed to be "extremely concerned." In addition, three out of five respondents were worried that they were vulnerable to being hacked.
John Harrison, a group manager at Symantec Security and Response, says that people should be concerned, because they're sharing more than they think they are.
Because social networks, public records, and high-profile security breaches are so prevalent, a lot of potentially sensitive information is just floating around the Internet.
"Each piece of information adds to the puzzle," Harrison says. "We don't throw everything out there at once, but it eventually comes together. For example, you may not put your full birthday on Facebook, but it's not difficult for someone to find out what year you graduated from high school and put two and two together."
In other words, you may not think you're sharing too muchjust a snippet here and a snippet therebut to a hacker, you're building an easily harvested online profile.
Protect yourself the easy way
If you use the Internet in any meaningful way, sending email, uploading photos, frequenting social networks, shopping your online profile is likely already floating around in the ether. And even if you haven't been online all that much, bits of your personal data may be available for online viewing via digitized public records. An interested person could readily find out if you have a mortgage, for example, or if you've recently gotten married or divorced.
You probably know that a typical five-character, dictionary-word password is easy to hack, and perhaps you rely on something far less penetrable. But you probably don't have the time or bandwidth to memorize a complicated mix of numbers and letters. So here are a few quick, easy-to-implement security tips that will drastically reduce your hackability.
Sign up for CIO Asia eNewsletters.