A lot of the time I see the software asking permission, and as Charles said, he not only invited them in but offered them a cocktail. The "Your computer is infected, let us run a HD diagnostic" is a huge red flag. One of my friends says that since his kids use the computer, he only runs his everyday os as a virtual computer. This way only current work in progress is available and if it is totally destroyed, he can just reboot to get back to where he was (with minimal data loss). Also, with 1.5 - 2Tb external hard drives available for approx $100 and free daily backup software available it should be possible to avoid major data loss. A good Internet Security program will catch a lot of potential attacks, but knowing what I know, if I fall victim to an internet attack it is almost like going for a walk in the jungle and being attacked by a tiger. Preparation and foreknowledge may have avoided a problem, but not always.
You point out yet another way people's data can be exploited by hackers, Nancy. Attacks are getting so much more sophisticated these days. I feel somewhat immune since I live in a small country and three hours from the nearest big city, and work only on wireless networks mostly. But I doubt anyone is ever really "safe" when it comes to the Internet and hackers.
You have certainly inspired me. I'm quite lax about back up but think it's about time I do another one. Of course I wouldn't lose data that's terribly crucial like a business would, but would be a shame to lose stuff that's important to me.
Another tactic is not stealing data but disrupting it by overloading servers: thereby causing them to crash and demanding a ransom to back off, so that data flow can be restored. Evernote recently experienced such an attack.
We are definitely living in different times and sadly we need to be cognizant of cybercrime.
My hacking experience was quite some time ago. I was accessing the internet on my Red Hat_5 (Linux) box through my telephone modem at home. I disconnected and I noticed that my hard drive was running like crazy. When I investigated, I found the following process...
egrep -ri /home mastercharge|visa
The hacker was searching each file on my hard drive for any text containing "mastercharge" or "visa". The search was case insensitive. Fortunately, there was no text containing any of that. I actually did have a fax document with my credit card number on it, but I did not identify my card type. The search would not have found it.
The hacker's root kit completely screwed up my operating system. I had to re-install it. I installed the latest version of Red Hat, and I installed the firewall. I forget whether or not Red Hat_5 offered one. I was over confident.
My data was on a partition separate from my OS, so I did not lose anything. I was not managing anybody's critical personal information, so not much harm was done. Mostly, it was my wasted time.
Your computer always is under attack.
Anybody who is managing critical information, like your credit card number, is under attack.
Run a firewall.
Go to www.grc.com, run their Shields Up tool, and make sure you are invisible on the internet.
I am still running Linux. You need to consider not running Microsoft Windows. If nothing else, its popularity makes it the favourite target of hackers.
Sorry to hear about your loss Charles. And you are right, these guys are getting very professional day by day and most of them are very smart as compared to an average internet user. We really need to be cautious or the identity thefts and data loss will be a very common thing among the masses.
And $400 you say? You got lucky! The hackers who hacked Dominos's Customer Data demanded $40,000! Besides, even if you get your data back it's already corrupted as the hacker has a copy of it. So even if you pay the ransom, you do get your files back, but your data is no more private.
Thanks for sharing the story with us, it's important for us all to hear it first hand. I had heard about this on the network news, but first hand accounts are far more valuable. There's some comfort in knowing that following the normal safety rules might have prevented the intrusion, but it's frightening to know that there is no way to track the criminals. It's a problem that's only likely to get worse. Governments are demanding back doors into everyone's network, you know, to keep us all safe, but if the "good guys" have a way into your network it isn't long before the bad guys exploit it.
You're right, Liz. I shared my story as a cautionary tale for others, especially those who may be lax about prevention and back-up, as I obviously was. It's also worth noting that many of the victims of this have been small businesses, such as pharmacies and law firms (as well as police forces), who often have a desperate need to get their files back.
I haven't contacted any agencies, Rob. My impression is that it would take a big federal agency -- the FBI, for example -- to track down the scammers on behalf of the many people who've had this happen. Whoever, does the tracking, they need to be prepared to search outside the U.S.
In many engineering workplaces, there’s a generational conflict between recent engineering graduates and older, more experienced engineers. However, a recent study published in the psychology journal Cognition suggests that both may have something to learn from another group: 4 year olds.
Conventional wisdom holds that MIT, Cal Tech, and Stanford are three of the country’s best undergraduate engineering schools. Unfortunately, when conventional wisdom visits the topic of best engineering schools, it too often leaves out some of the most distinguished programs that don’t happen to offer PhD-level degrees.
Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.