Russian Organized Crime: Krem D’la Krem of Hackers
The Russians have definitely come…in the world of cybercrime. A Russian ring of hackers has amassed 1.2 billion stolen passwords and usernames involving 400,000 websites. The criminals have also garnered 542 million e-mail addresses.
Apparently, the thieves are not working for Russia’s government (which rarely goes after hackers anyways), nor have they sold the stolen information…yet. They’ve been paid by third-party entities who want to send out spam.
This gang of thieves operates like a business, with some doing the programming and others doing the stealing. The crooks use botnets to scope a site’s weaknesses, then plow in there.
This massive breach has called attention to the reliance that businesses have on usernames and passwords; this will need to be changed.
Tips for Preventing Getting Hacked
- Say NO to clicking on links inside e-mails, even if the apparent (note “apparent”) recipient is your bank or a friend.
- URL security. Trust only sites whose URL starts with a padlock icon and “https.” An “http” won’t cut it.
- Two-step verification. If your financial institution offers this, then activate it. Call the bank if its website doesn’t have this information.
- Online banking. If possible, conduct this on a separate computer just for this purpose.
- Change the router’s default password; otherwise it will be easy for hackers to do their job.
- Wired ethernet link. This is better than a powerline or Wi-Fi for protection. To carry out an ethernet attack, the thief would probably have to break into a home and set up a device, whereas Wi-Fi data can be snatched out of the air, and powerline data can leak into next-door.
- Encryption. If you must use Wi-Fi or powerline networks, encryption will scramble data, but a hacker can crack into Wi’Fi’s WEP.
- Say no to third-party Wi-Fi hotspots.
- Security updates. Keeping up to date will guard against hackers who use a keylogger to figure out your keystroke pattern—which can tell him your passwords.
- Hotshot Shield; This service protects you from fraudulent activity when you’re working online in an unprotected network (wired or wireless), such as at airports, hotels or coffee houses.
- Get identity theft protection. Generally your identity is protected from new account fraud. Many of the services monitor your data on the dark web.