Some of you may have heard of the group Anonymous and how they’ve been doing all sorts of things regarding several controversial companies and such. Disregarding all of that, this is a great article about how they recently hacked a supposed “security firm” in retaliation.
The tactics they used were not super-secret, movie-style backdoors or tools; they were all failures to follow basic security practices that led to a thorough and complete compromise of the security firm’s systems. I highly suggest you read this when you have time. It’s a type of security breach that could easily happen to anyone!
For those who don’t have time to read the article, here are two KEY things that will prevent this from happening to you:
1) It’s unreasonable to expect people to have a different password for everything they access. That’s just not how people work. However, one way to reduce the number of different passwords and still stay secure is to make up several different passwords for yourself that you use for different security levels. For example, use one password for web forums and newsletter signups that you don’t care for, a different password for your work accounts and email, and one more password for important stuff like your personal banking information. That way, if one password gets lost, you don’t compromise all the services at other “importance levels”.
2) Keep your software up to date! If your software breaks or has a security hole because you haven’t bothered to update it, it’s your fault. Updating software is an essential responsibility of every computer user. “Don’t fix it if it isn’t broken” is a good philosophy if it really isn’t broken, but we often erroneously define “not broken” as “it hasn’t affected me yet”. That’s a philosophy that has to change, ’cause it’s guaranteed to bite you eventually in this modern networked world.
