It seems like everywhere we turn, someone, somewhere, is getting hacked. Never mind the entire LinkedIn password debacle that occurred long enough ago that it’s fallen off the world’s collective e-memory, usurped by the latest and hottest hacking. Yahoo, eHarmony, Billabong, FormSpring… the list goes on and on. Just today, the game developer Activision Blizzard – the developer of the oh-so-popular World of Warcraft – announced that someone managed to hack into its systems and steal contact and password information from many of the game’s players.
Every minute, we’re changing passwords, entering illegible CAPTCHAs, coming up with random security questions, all in the hopes that these steps will secure our online worlds of bank accounts, credit card numbers, and personal Amazon choices that unwittingly get shared on Google+ accounts (which is okay, since no one ever uses Google+ anyway).
All these cloud-based services, from iCloud to Gmail to Amazon and beyond, have become household names for anyone who uses a computer nowadays. Is it ironic – or maybe a tad bit scary – that what has been designed to make life more efficient is actually putting us at higher risk?
Wired author Mat Honan’s article “How Apple and Amazon Security Flaws Led to My Epic Hacking,” details how his “entire digital life was destroyed” because hackers accessed his Apple ID account, which allowed them to access and delete his Google account, compromise his Twitter account and remotely erase all of the data from his iPhone, iPad and MacBook. His article has led to security-policy rethinking in Apple and Amazon, and has brought cloud-security issues to the forefront of conversation. In response to his hacking, Apple put a 24-hour suspension on over-the-phone password resets while the company scrambled to identify new security policies, and Amazon restricted people’s ability to call in and change account settings. Unfortunately these changes came after Honan lost more than a year’s worth of photographs of his daughter and documents and emails he hadn’t stored in other locations than his computer.
So what can one do to avoid a future debacle? As Honan says, cloud-based systems need security measures above and beyond the old password-based ones, which can be relatively easily compromised. But until Apple and Amazon and the like get going on patching up these security holes, there are some steps that you, as a consumer of cloud services, can take to lessen the chances of being hacked:
- Back-up your data. This is the best way to ensure there is an easy way of ensuring you have it if your hard drive crashes, your computer is stolen or there’s an unexpected system failure. Right now, there may not be much faith in general-purpose cloud services offered by Google, Amazon, Apple, etc. But if you do need to store your data via the cloud, the best way to store your data is on different services. And with the security breaches that seem to be sweeping the cloud services, there will most likely be a resurgence of interest in offline backup, such as USB hard drives.
- Use secure passwords. A no-brainer, of course, but for your 80-year-old grandmother, “password123” is not a secure one. Use different passwords for different accounts.
- Be careful with what accounts you link together. Honan daisy-chained two of his main accounts – his Google and his iCloud accounts – which allowed the hackers even more access to more of his data.
- Create an email address for password recovery that is used for that sole purpose – and nothing else. Make sure that it’s not used for any other services, like banking or correspondence.
- When services offer extra security measures – USE THEM. Don’t put them off; take the time to go through the steps you need to in order to activate them. It might take some time and it might be a pain, but you’ll be glad when the world around you falls prey to hackers. Google, for instance, has offered a two-step verification process that reduces the chance of hackers accessing your Google account.
- Basic awareness in your Internet habits is key. Be aware of what computers you log in to, how secure your connection is, and whether a browser is storing your passwords. Be careful of who you give personal information to – if you’re shopping with a new online retailer, make sure they are legitimate.
Unfortunately, the cozy sense of security doesn’t come without some effort. As my colleague, Dave and I struggled to make sense of Gmail’s new two-step verification process, we realized that maybe our accounts were safe because, after all, if we couldn’t figure out how to sign into our own accounts, then maybe hackers would be just as befuddled, too.
Now if you’ll excuse me, I’m off to go pour myself a strong drink while I change my myriad passwords, unlink some of my accounts, and dream of the days when clouds referred to “visible [masses] of liquid droplets or frozen crystals made of water or various chemicals suspended in the atmosphere.” This definition of “cloud,” by the way, has come up second in my Google search. Can you guess the first?
Image from FastCompany.com.