7/30/2019 Protecting Yourself From Hackers

1/2

Protecting Yourself from Hackers

September 13, 2012 by Andrea Bennett

A Wired.com technology writers recent hacking was a particularly sad case of what can

happen when cyber-thieves get access to your information. Using security loopholes in

Amazon, Apple, Google and Twitter, hackers were able to gather enough information to

remotely wipe Mat Honans iPhone, iPad and MacBook clean including irreplaceable

pictures of his babys first year of life.

According to Honan, the hackers used access to his Amazon.com account to get into his

Apple ID account. That gave them access to his Google account. After his Google account

was taken over and deleted, they used his Twitter account as a platform to broadcast racist

and homophobic messages. In many ways, this was all my fault, he says. My accounts

were daisy-chained together. Plus, he hadnt been regularly backing up his MacBook.

Honans story not only exposed serious flaws in some companies security practices (the

magazine subsequently reported that Amazon had quietly closed a security hole and that

Apple had suspended over-the-phone password resets), but also serves as a cautionary tale for

all individual technology users out there. After all, Honan wasnt targeted because he was a

journalist, or because he had influential names in his Rolodex. It was because his 19-year-old

hacker liked his Twitter handle.

Following his harrowing account, a number of online guides on avoiding exposing your own

technology to hackers sprang up in newspapers and online. Here are some of the highlights:

Use Two-Factor Authentication

Huffington Posts Gerry Smith notes that Honan had not turned on Googles two-factor

authentication feature. When a user turns it on, Google sends a text message with a code they

must enter when they sign in, along with their username and password, which adds an extra

layer of security if your password is stolen.

Create Separate Apple IDs

An Apple ID has become the key identifier for accessing the companys services, from

storing data in iCloud to downloading apps. Experts recommend creating different IDs for

different Apple accounts, so if your App Store or iTunes are compromised, hackers cant also

get to the sensitive information you have stored in the cloud (like Honans pictures of hisdaughter).

Use Multiple Email Accounts

The Guardian UKs Jack Schofield says that that Honans case, however extreme, highlights

the risk in using the same email address for all your online accounts. It wouldnt be

impractical, he says, if you use a desktop email program such as Windows Live Mail or

Microsoft Outlook, since a single send/receive all mail will collect email from multiple

email accounts.

Backup Constantly

http://responsibility-project.libertymutual.com/about/contributors/andrea-bennetthttp://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/http://www.huffingtonpost.com/2012/08/08/mat-honan-hack-tech-writer_n_1756131.htmlhttp://www.guardian.co.uk/technology/askjack/2012/aug/09/hacking-internet-email-cloud-computing?newsfeed=truehttp://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/http://www.huffingtonpost.com/2012/08/08/mat-honan-hack-tech-writer_n_1756131.htmlhttp://www.guardian.co.uk/technology/askjack/2012/aug/09/hacking-internet-email-cloud-computing?newsfeed=truehttp://responsibility-project.libertymutual.com/about/contributors/andrea-bennett

7/30/2019 Protecting Yourself From Hackers

2/2

Honan was less angry with himself for not backing up his MacBook than he was at his

teenaged hackers for wreaking havoc, he says. Schofield says that the simple solution is to

have a desktop or laptop PC backed up to an external hard drive and synchronized using a

program like FreeFileSinc (which is what he uses). You can also store copies of important

things using online services like Dropbox, Carbonite or Mozy.

About the Cloud

Finally, the trend toward keeping data online (in the cloud) may be convenient, but its also

risky. Someone using the same public Wi-Fi can hijack your session cookies and get access

to your email and Facebook accounts, Schofield notes. And its easy to add a cheap

keylogger to any publicly accessible computer, he says. As Honan writes, Password-based

security mechanisms which can be cracked, reset, and socially engineered no longer

suffice in the era of cloud computing. The better alternative, Schofield says, is using secure

https connections rather than http.

Do you have some security tips the experts didnt cover? Share them here. And to learn moreabout such online threats as identity theft, read our recent article on how to prevent fraud at

home and beyond.

http://responsibility-project.libertymutual.com/articles/prevent-identity-thefthttp://responsibility-project.libertymutual.com/articles/prevent-identity-theft