Hacking victim talks about perils of digital age
The perils of modern dependence on Internet-linked gadgets and digitally-stored memories remained a hot topic on Friday in the wake of a hack that wiped clean a Wired reporter's devices.
The perils of modern dependence on Internet-linked gadgets and digitally-stored memories remained a hot topic on Friday in the wake of a hack that wiped clean a Wired reporter's devices.
Mat Honan laid out at wired.com in gripping detail how his 'digital life was destroyed' right down to irreplaceable photos of his baby daughter. Honan next week is to share his quest to repair the damage.
'The take-away from his bad experience is that people need to be careful with using an online service, especially a backup service,' Lookout Mobile Security engineer Tim Strazzere told AFP on Friday.
'The main part is to mitigate risk; he lost a lot of personal information.'
Basic hacker skills were combined with 'social engineering,' the art of sweet-talking someone like a customer service rep into bending rules during a phone call, to compromise Honan's Google, Twitter, and AppleID accounts.
Honan told of his @mat Twitter handle apparently being the coveted prize for hackers who deleted his Gmail account and erased the data from his iPhone, iPad and MacBook laptop computer to hide their trail.
The data-wiping feature was created by Apple to let people protect digital information if devices are lost or stolen.
He said his Twitter account was used to fire off offensive messages.
'In many ways, this was all my fault,' Honan wrote. 'My accounts were daisy-chained together.'
'But what happened to me exposes vital security flaws in several customer service systems, most notably Apple's and Amazon's.'
Hackers were able to get bits of information from Apple and Amazon tech support that helped them achieve their mission, according to Honan.
Apple did not respond to an AFP request for comment, but reportedly gave Honan a statement saying his data was 'compromised by a person who had acquired personal information about the customer.'
'In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers' data is protected.'
The 'daisy chain' mistake Honan described is especially perilous when it involves making links between work and personal accounts, according to Strazzere.
Getting access to a personal email account could then give hackers keys to any password protected services someone uses - such as Twitter, Facebook or office email.
His recommendations included keeping work and personal online accounts separate, even going so far as to have 'throw-away' Web-based email accounts for matters such as password resets.
Pictures, documents or other data stored in the Internet 'cloud' or on personal devices should be backed up as well as being encrypted.
Some online services provide the option of 'two-factor authentication' that tightens security on password resets.
Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.