Author: Jessica Barker
Once upon a time there were emails from officials in far off places, telling us that all sorts of riches were ours for the taking, if we’d just email back. Boutros Boutros-Ghali contacted me several times, pleading for help moving a shipment of gold, with my name on it. These days, there are text messages for parcels I didn’t order, funds at risk in bank accounts I don’t have, and even Taylor Swift tickets in local Facebook groups that will go at face value. I get regularly phished at work, my IT buddies sending out spoof after spoof to keep me on my toes.
And I never fell for one of them, until I did. A mail from a name I recognised, that I’d talked to a day or so before, asking me to check a list. They got me. An endless merry-go-round of IT “refresher” courses followed. None as insightful as reading “Hacked”.
“Hacked” walks readers through a cornucopia of online evils, from phishing to malware, spyware to deepfakes. There’s plenty of statistics, some sobering stories and lots of sensible advice. Barker details how giants like Facebook and Google have been phished, and how even the MGM chain had data encrypted after an attack by a ransomware-as-a-service group – where criminals rent easy-to-use kits that take all the technical difficulty out of extortion. Worse, even LastPass, makers of password-keeping software, have been knobbled. Everyone is vulnerable to getting hacked or phished. It just takes the right attempt at the wrong time – online criminals can pump out billions of hacks and need to get lucky just once.
Barker reveals that back in the 1970s the launch codes for missiles were set to 00000000. Worries about illegitimate use were er… trumped by worries about speed to launch. And that later both Carter and Reagan left codes in cast-off clothing. One of the most interesting sections relates to passwords, and how things like dictionary attacks (throwing every word in a dictionary at a locked site) work around 80% of the time. There’s some useful advice on how to make passwords difficult to crack without being impossible to remember and why multi-factor authentication (i.e. a password plus a code on your phone) is increasingly important.
As books go, its subject matter is inevitably rather dry, and in order to cover as much ground as possible, there’s not a lot of colour or depth added to the examples used. But with the scope of the book so wide, there was going to have to be a trade-off between depth and pace, and generally it works very well.
Social media scams are endemic, and Barker provides a closer look, whether it’s an Elon Musk fake video pimping cryptocurrency (Martin Lewis sued Facebook for not taking down a similar deepfake video) or the real ex-NFL quarterback Tom Brady taking $30m for pushing the now busted FTX crypto company. The power of social media is neatly summed up when Barker describes how conspiracy theories about 5G led to phone mast attacks in Bolivia. Where there is no 5G.
By the end I knew the difference between spray and pray, vishing and RaaS attacks, and how smart devices like doorbells and thermostats were weaponised to try and take down websites. As Shaw Taylor never actually used to say – “Keep virtually ‘em peeled”.
Length of Read: Medium
Might appeal to people who enjoyed…
Using the internet
One thing you’ve learned
There are now over 15 billion devices attached to the internet. Your Ring doorbell might be watching who visits you. But it might also be moonlighting for the Russians, working round the clock to create denial of service attacks on Ukrainian sites.
mikethep says
That looks like a challenging read for those of us who can remember when the internet wasn’t peopled with scunts and cumbags. I was struck by this, in a Guardian interview with the author Jo Hamya: “Even if you do have questionable views, the world’s changed so fast; I find it heart-wrenching to think that you could have lived half your life and then within a decade, strangers you’ve never met hate you.”
Vulpes Vulpes says
A quick electronic products survey of what’s available on Amazon (i.e. a rough guess) tells me that as far as doorbells and security cameras are concerned, they are more likely to have been pressed into service by the Chinese Communist Party to contribute to DDoS attacks on Taiwan.
Mike_H says
Somebody, somewhere will be reading this review and our comments, to see if there’s anyone worth hacking hereabouts. Maybe it’s a good thing after all that my bank details just aren’t worth the bother.
Kaisfatdad says
Excellent review, Fortune. It’s not just criminals that we have to worry about. In the event of war, our high-tech societies are very vulnerable to cyber attacks.
I don’t doubt that there are many military hackers in Russia who are busy analysing the potential cyber weak spots in the NATO countries.
hubert rawlinson says
https://www.theguardian.com/business/2024/apr/22/thousands-of-flights-to-and-from-europe-affected-by-suspected-russian-jamming#:~:text=Flights%20in%20and%20out%20of,Airways%20and%20four%20from%20easyJet.
Kaisfatdad says
Frightening reading, Hubert!
Native says
Looks an interesting read.
What amazed me recently was when I was the victim of some strange activity on my Credit Card, to the tune of £660, was the matter-of-fact, relaxed approach of the CC company.
“Yes, it happens all the time, Sir. There, I’ve amended it – anything else I can help you with today?”
Financial institutions apparently have millions set aside for cyber fraud. And as long as what they’ve budgeted for isn’t passed, they are all fairly ok about it….
Mike_H says
Basic good housekeeping, regarding your online doings, will keep your money and identity safe from online hackers, mostly.
Most fraud directly against individuals seems to be being perpetrated via the telephone these days, via social engineering methods.
Fraud against companies/organisations large and small, and their customers, is more worrying. Security can sometimes be woefully inadequate and as a customer you have no idea how good/bad a company or organisation you have dealings with’s security is until it’s breached.
Russia, China, Iran, Israel, India, The USA and The UK are all hacking or trying to hack each other’s institutions and infrastructure. Some state actors are reputedly willing to sell their hacking toolkits to anyone who’ll pay for them. The lines between state actors and organised crime are rather hazy, these days.
Twang says
Looks interesting, thanks. We had to do data security top-up training every quarter and there was always something new. One of the best tips I picked up was to have a look at the actual email address which the sender used. It’s usually dodgy looking as flip and a dead giveaway.
Mike_H says
The address an email appears to come from is pretty easily faked. If you look further down in a suspicious email’s headers* you can spot the server that it actually originated from.
* Not ordinarily displayed if you use a webmail service like Gmail.
This is how to look at the headers in Gmail. Details for various other services are also supplied.
https://support.google.com/mail/answer/29436?hl=en&ref_topic=3394218&sjid=1345240234992087977-EU
H.P. Saucecraft says
It seems that The Young People Of Today are embracing the cash-free method of buying stuff, with vendor and purchaser fingering their phones rather than reaching into their pockets. My Polish Post-Modern Millennial pals went through this laborious and error-prone process as often as possible during a recent visit, causing me a little eye-rolling. When I suggested exchanging physical tokens for goods or services, they had what is called a “cringe” moment. They live through their phones. Managing your bank account online is protected as well as these things can be, and necessary. But street level transactions seem very fragile to me, and unnecessary.
Kaisfatdad says
As ever, you are a Man of Mystery, HP.
How does someone living in Thailand find Polish Post-Modern Millennial pals?
I only have one Polish pal, a middle-aged bloke called Pavel, who I occasionally meet in the tvättstuga (communal washroom). He is very keen to improve his English and often sits there studying while doing the wash. The book he is using is ancient and full of grammatical exercises. To his credit, he does always have a chat with me and tells me what he’s learnt. I constantly suggest that he goes and watches some stuff on YouTube
Twang says
I got hacked via a member on here today. Not actually through I don’t think/hope!
Mike_H says
MI5 are currently concerned that foreign intelligence agencies, particularly the Chinese, are targeting the UK’s universities, to steal research data on scientific and technological breakthroughs.
fentonsteve says
Someone has hacked my FB account and has attempted to log in from South of France and North Yorkshire in the space of 24 hours.
So if you see anything not dull in my feed, they’ve been successful.
I no longer have access to the email account I used to create my account, they won’t use my secondary email for verification, or send a text, so I had to install WhatsApp on my mobile in order to get a code to change my password. What a PITA.
retropath2 says
South of France, eh, @lodestone-of-wrongness , nose tap tap….
retropath2 says
So what is the longstone-of-rightness, then?
retropath2 says
Lodestone, whatever.