The image of the “hacker” is often quite romantic as the trend in TV dystopias paints us a picture of teenage justice warriors and half-human cyborgs bringing down oppressive governments by using monitors and malware to set the world to rights.
These stories still suggest that hacking remains the past time of a technical and expert few but while it is true that self-righteous law breakers with global agendas may indeed exist today, in reality, most hackers are less ambitious and simply out to make quick money by stealing your personal data.
As highlighted in recent research by Top10VPN.com, hacking is now a more accessible crime than ever as tools of the “trade” can be bought from the dark web at no more than the price of a cheap cup of coffee.
Find out all you need to know about hacking here and how to make your data safer.
“Hacking” is defined by the Crown Prosecution Service as the “unauthorised use of, or access into, computers or networks by exploiting identified security vulnerabilities” and is most commonly used to steal personal information or gather data of use to criminals.
Malware is short for malicious software and is used by hackers to interfere with computer operations. Here’s a few of the different types of malware you might want to be aware of:
- Viruses – these are programs that replicate themselves within and between computers but which cannot infect a computer without the human action of running or opening the corrupted file.
- Worms – these are also self-replicating programs but they can spread anonymously within and between computers and do not require a host or human action to cause damage.
- Trojans – these are destructive computer programs which pose as potentially useful ones in order to trick computer users into installing them. This malware can steal personal data and can also fool you into performing routine functions which then enable it to undertake unauthorised actions.
- Spyware – this type of malware steals personal information from infected systems and monitors the web pages that the user views, passing the data it collects on to third parties. Key logging technology is an example of this software which captures keystrokes on a keyboard so as to steal bank details and passwords.
- Ransomware – this software holds your data hostage by copying your documents into a password protected folder, deleting the originals and then sending you a message to pay for their return.
Malware is often distributed via spam which is unsolicited or junk emails, usually sent out in bulk around the world. These try to lure people in with emotive subject titles or exciting language, sometimes using disasters as hooks or even announcements of fake prize money.
Fans of The Matrix will remember Neo’s collection of 16 or so computer monitors and the luminescent green computer code that he made his home within. When thinking of hackers, this is often the image that comes to mind but it obscures the reality that wannabe fraudsters actually need very little to break into your computer networks and steal your data.
According to Top10VPN.com, malware such as viruses, worms and trojans can be bought for less than the price of a pint on the dark web. These are described by the site as ‘entry-level’ hacking tools and include items such as ready made phishing pages, software to compromise WiFi networks, and files to help hack passwords.
Often designed to target customers of specific brands names such as Apple, Paypal, Facebook and Netflix, these products additionally come with how-to-guides which means aspiring Neos need little prior knowledge to carry out attacks and that there is the danger that this kind of amateur fraud could become commonplace.
The hacking tools that can be found in a rookie criminal’s shopping basket range from software such as remote access trojans and card cloning code to kits which enable fraudsters to imitate mobile phone masts in order to intercept texts and calls from connecting devices.
As found by Top10VPN.com, for criminals wanting to commit a range of scams, it’s possible to assemble a complete online fraud toolkit for around £100, with equipment allowing hackers to infect people with malware and hack WiFi networks – all with a view to stealing their personal info to commit identity theft.
Simon Migliano, Head of Research at Top10VPN.com has warned that “with state-ordered cyber breaches frequently hitting the news agenda, it’s easy to forget that the majority of hack attacks aren’t particularly sophisticated or carried out by shady organisations.
“But, for a little more than pocket change, we see that amateur hackers can perform more sophisticated attacks. We found countless listings for tools to commit cryptocurrency fraud through malware attacks that would then allow criminals to access lucrative Bitcoin accounts – with the price of Bitcoin currently worth around £6,000 a pop.”
1. Install anti-virus software
While this sounds like an obvious first step, it’s one of the most vital when building up your PC’s defences to hackers. It is super easy to acquire as it is produced by most internet or tech providers and is often included for free in network packages from companies such as BT and Microsoft.
If you’ve already installed such a program, it’s also important to remember to use it! Even if you don’t think you have anything to be suspicious about, it’s good to get into the habit of running a monthly systems scan just in case.
2. Make use of the Windows firewall
A firewall is a built in feature from Windows which stops your computer from getting unwanted attention from the internet. Although it is enabled automatically, check its settings by searching your PC for “firewall status”. You know your firewall is working when you see three green ticks but if they are not lit up, select all three to turn them on.
3. Stay on top of web browser updates
As newer versions are constantly being invented, web browsers constantly need updating. While this can be faff as it takes time to install newer models, it’s always worth it as web browsers can contain bugs and become more vulnerable to them the older they get. Hackers can exploit these and can use them as gateways into your personal information and passwords.
Web browsers also need to be aware of the existence of fraudulent sites to effectively block them and this is also a good reason for always using the most reason version.
4. Don’t rely on one strong password to do the trick
Most sites will prompt you to use a strong password by making the inclusion of special characters and numbers compulsory. This means it can be tempting to use the same strong password for everything however, which can make your different accounts vulnerable. The solution to this is password manager apps like 1Password which can remember your different combinations for you.
5. Use a two-step verification process for all online accounts
Two-step verification not only protects online accounts such as emails with passwords but also requires a sign in from a separate device like a phone. This second step is not required every time you sign in but is activated when your account is accessed from a computer which you do not usually use, or if activity on your account occurs which does not fit your footprint. Companies that use such a protection include Apple, Microsoft, Amazon and Facebook but often you need to activate the two-step option to put it into effect.
6. Be wary of public WiFi networks
Although high street WiFi networks can be lifesavers, their public nature means that your connections and personal details can be exposed. As ZDNet recommends, treat these networks as though every page you visit is being monitored. Using your phone’s data is often a safer bet.
7. Don’t get reeled in on a phishing line
Although spam filters are usually pretty good at catching phishing emails, sometimes the ones which are the most personalised get through. They can use taglines describing car crashes or accidents and can even mention people from your contacts list as well. If you get one of these emails and you are unsure, instead of opening the email, the best thing to do is to call the person the email has involved and, if it is a scam, to let them know their data has also been compromised.