Most of my friends and family know my past.
Sure. I loved my nose candy, but at the same time I was also working for the NSA, and was in the same class at Fort Meade as the now infamous Edward Snowden. Who, incidentally, is a trained lawyer.
So whether you’re a business or an individual – I won’t tell you the sky is falling and that hackers are taking over the world. As Roosevelt once said, there’s “Nothing to fear but fear itself” and nowhere is this more true than with your propensity to suffer loss – whether it’s identity theft, financial loss and theft, or malicious acts in general…
Now I’m going to tell you – in layman’s terms – how I got into computer systems. And this little list is how you could have made my job – and anyone who is a hacker’s job – MUCH tougher.
This isn’t to say you’re going to be off everyone’s radar altogether.
But these admittedly unusual suggestions diminish your footprint substantially.
By the way, I’m a Microsoft Windows bigot, so this applies to Windows systems ONLY!
- Completely DISABLE the Windows ‘Auto Update’ feature.
All new versions of Windows go through EXTENSIVE testing prior to release. So if things are working properly on your system, the purpose in destabilizing your machine and your work and life by allowing ‘new updates’ is in general to create more security, right?
Here’s the issue: Hackers know how Microsoft’s distribution network works. So any hacker properly armed with this information can leverage this network to place information on your system.
I should know. It’s the primary mechanism I used to get into people’s systems.
DISABLE this. A working system is a happy system. So unless you absolutely need an update to run a piece of software, a good general rule of thumb is not to automatically update your system and risk exposing yourself to threats you are ill equipped to handle yourself.
- Completely REMOVE AND DISABLE all virus protection
I know this sounds like an oxymoron, but like Microsoft’s auto update feature – they are ALWAYS doing remote updates of their virus definitions, which go through networks that can be, and often are, easily compromised.
Now if that weren’t enough to encourage you to disable and remove virus protection, here’s another way to think about it:
Do you take an antibiotic like amoxicillin or penicillin to prevent disease all the time? Probably not, right? Then why would you run with anti virus all the time?
I’m not saying never use anti virus and similar programs which might remove infections from your machine, I’m merely saying – use these programs ONLY when you need to.
Not only will your machine perform substantially better, but you’ll find your problems diminish.
This removes ONE more hole that I as a hacker can get into your system.
- DON’T download special programs or codecs to your machine
I’m a porn aficionado. Sometimes I think I chose the wrong career path and should have been a porn star. And nowhere are you more likely to pick up random unexpected nuggets than when surfing porn.
Or ‘warez’, torrents, and the like.
I am neither condoning nor supporting these activities.
Now MANY of these web sites will tell you you need a special ‘codec’ or to download a special program to view the content. That’s crap. And when you do – this makes it possible for me to drive a bus through the hole you just created for me to get into your system.
SOMETIMES these codecs may appear to be legitimate. SOMETIMES they may even cross reference sites and have elevated themselves in search engines to appear legitimate.
I personally use VLC player and Windows Media player. If a video doesn’t work on these two programs, I just won’t reference it. Period, end of story.
My advice is that you find a good general video player you enjoy, and rely on that – and should there come a format that’s not supported and it’s in wide use, do as I do and email the developers.
But in general, don’t download things that require you to download special software to use.
Just say no.
OH. This also applies to attachments via email.
Use prudence here. If you don’t recognize the file type and/or the source is unreliable, just say no.
- DON’T allow unknown USB devices to be stuck into your computer.
ONE of the easiest ways I have at getting onto any system – or network – even corporate networks is by sticking a thumb drive in a USB drive on a computer system at the front desk of the company’s entrance.
For instance, I saw a wonderful opportunity to hack the entire welfare department for the state of California by these exposed USB drives on computers where I simply stick my hand through the window and put a tiny thumb drive in the back of it.
Once I’m on that machine, I can then establish a remote connection to any machine on the network through the logged-in user’s credentials. And while sure, she may only be a secretary, she’s sure to share credentials with others, whose USB drives I might then turn around and infect, which then get taken to other systems with higher-level authority, and before you know it, I own the company.
Here’s the moral of this story:
DO NOT, if you’re in Starbucks, or in an office – let anyone leverage your computer system’s USB.
I’ve heard it before: “I just want to charge my headset”, or “I just want to charge my phone”.
You connect. I can now own your system and all your data AND anything you connect to from there.
This includes your home network.
Now if you’re administrating computers in a corporate environment: I’m an advocate of tight information control, so my advice is to find a BIOS that locks with an admin password, and then disable the USB and any other ports (i.e., parallel, serial) at the device level. This limits the risk to the machines in your domain, and makes it oh so much easier to not have to worry about educating your users to not bring USBs to and from the home. And while sure, this may inconvenience their work, you retain control of your information.
Provided of course you have a good proxy set up for information loss through the internet.
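For machines where the ports cannot be locked in the BIOS, an administrator can at least audit the operating-system side. The PowerShell below is an added example, not part of the original post: it reports whether the Windows USB mass-storage driver (the `USBSTOR` service) is disabled and lists storage devices the machine has seen before. It covers storage devices only; a device that presents itself as a keyboard or network adapter is not affected by this setting, which is why disabling the port itself is the stronger control.

```powershell
# Added example: read-only audit of USB mass-storage exposure on a Windows host.
# Run from an elevated PowerShell prompt.

$svcKey  = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
$enumKey = 'HKLM:\SYSTEM\CurrentControlSet\Enum\USBSTOR'

function Get-UsbStorageDriverState {
    # Start = 3: driver loads on demand (the Windows default). Start = 4: disabled.
    $svc = Get-ItemProperty -Path $svcKey -Name Start -ErrorAction SilentlyContinue
    if ($null -eq $svc) { return 'NotInstalled' }
    switch ($svc.Start) {
        3       { 'Enabled' }
        4       { 'Disabled' }
        default { "Other($($svc.Start))" }
    }
}

function Get-UsbStorageHistory {
    # Each subkey of Enum\USBSTOR is a device class (vendor/product/revision);
    # each child of that is one device instance, normally keyed by serial number.
    if (-not (Test-Path $enumKey)) { return }
    foreach ($class in Get-ChildItem -Path $enumKey) {
        foreach ($instance in Get-ChildItem -Path $class.PSPath) {
            $props = Get-ItemProperty -Path $instance.PSPath
            [pscustomobject]@{
                DeviceClass  = $class.PSChildName
                Instance     = $instance.PSChildName
                FriendlyName = $props.FriendlyName
            }
        }
    }
}

"USB mass-storage driver: $(Get-UsbStorageDriverState)"
Get-UsbStorageHistory | Sort-Object DeviceClass | Format-Table -AutoSize

# To stop Windows loading the mass-storage driver (administrator rights required):
#   Set-ItemProperty -Path $svcKey -Name Start -Value 4
```

An unexpected entry in the device history on a front-desk or kiosk machine is worth following up with whoever uses that machine.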
- Turn ON your firewall.
This SHOULD be on by default on new Windows Systems.
But here’s the thing. WHEN you see a pop up message FROM Windows firewall which warns you of something happening with the firewall, DO NOT be alarmed. Just take the time to investigate it. Secrecy and stealth was my agent, and Windows Firewall lets you say yes or no to people like me.
That and Google’s your friend.
SO ALWAYS have a notepad near the computer for those random pop up messages – and then ask Google what this message means. Typically it will be no big deal, but sometimes, you might find there’s more to it that needs your or someone else’s attention.
What the firewall does is to notify you of unknown connections that are coming into and out of your machine. It’s not as much a preventative measure as it is a simple notification for your awareness. This helps you learn a little bit more about your system.
And let’s face it. It IS NOT like driving a car. A car gets you from point a to point b but a computer can be your livelihood, and it behooves you to get to know the basics. Consider knowing something like this the equivalent of knowing how to change a tire on your car.
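A quick way to confirm the firewall is on and that its pop-up notifications are enabled, shown here as an added example that is not part of the original post. It reads each firewall profile with the built-in `Get-NetFirewallProfile` cmdlet and reports settings that would silence the alerts or leave no record of blocked connections; the function name `Test-FirewallBaseline` is made up for this example.

```powershell
# Added example: read-only check of the Windows Firewall settings discussed above.

function Test-FirewallBaseline {
    foreach ($p in Get-NetFirewallProfile) {
        $gaps = @()

        # Values are compared as strings because these properties are
        # three-state (True / False / NotConfigured), not plain booleans.
        if ("$($p.Enabled)" -ne 'True') {
            $gaps += 'firewall is off'
        }
        if ("$($p.NotifyOnListen)" -eq 'False') {
            $gaps += 'pop-up notifications are disabled'
        }
        if ("$($p.DefaultInboundAction)" -eq 'Allow') {
            $gaps += 'unsolicited inbound traffic is allowed by default'
        }
        if ("$($p.LogBlocked)" -ne 'True') {
            $gaps += 'blocked connections are not logged'
        }

        [pscustomobject]@{
            Profile = $p.Name
            Healthy = ($gaps.Count -eq 0)
            Gaps    = ($gaps -join '; ')
            LogFile = $p.LogFileName
        }
    }
}

Test-FirewallBaseline | Format-Table -AutoSize -Wrap

# To correct the gaps on all three profiles (administrator rights required):
#   Set-NetFirewallProfile -Profile Domain,Private,Public `
#       -Enabled True -NotifyOnListen True -LogBlocked True
```

With `LogBlocked` turned on, the file shown in the `LogFile` column keeps a record of dropped connections, so a pop-up you dismissed can still be looked up later.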
Options #1 and #2 are admittedly unconventional, and are a real test of what’s more important to you. If perceived security is more important, then you probably won’t follow my advice, which is fine, but if you’re more concerned with stability of your system – that is – knowing what’s going in and going out – then it should be a no-brainer that connecting to ANY network presents an additional hole into your system that makes you a target.
I hope this helps!