Hack Attack!

I have a confession to make. I was hacked.

It just goes to show it can happen to everyone. There I was standing in one of my favorite technology stores when I got a phone call saying someone got an odd email from me. Evidently I had been mugged in London and desperately needed help. About two seconds later my buddy's phone buzzed with the same email. Thirty seconds later another buddy walked up and told me quite plainly, "you need to change your email password dude".

I immediately used my phone to log onto my email account. Unfortunately the hack included changing my email password. My phone also showed my facebook connection was down. I'll go into how I fixed the problem in a minute, but first let me just say my accounts were back online and the problem was resolved within an hour. Judging by some of the internet sites I saw when I first looked up this problem, I'd say that was pretty good time.

So how did I fix the problem and what can you do if the same thing happens?

1. As it says on the Hitchhikers Guide to the Galaxy...Don't Panic!
2. The best bet is to try to get your email fixed first. I would assume once they were able to get a hold of my email account it was pretty easy to use the "request new password" function to get access to other sites.
3. 

   Image via Wikipedia

   I visited Gmail's website and followed their password recovery procedure. I had to answer several questions about my gmail account. The questions can be quite daunting such as when you first logged in, who sent you the gmail invite, etc. Again, don't panic. You don't have to know all these answers. Do your best and if you use your gmail on a regular basis you'll probably be fine.
4. Once the recovery process with Gmail was started I began on Facebook. I admit I did not have a recovery email address set so I had to wait for Facebook's representatives to look into the problem. Amazingly the folks at Facebook had that up and running within about fifteen minutes.
5. An hour or so later the folks at Gmail notified me that my account had been restored. I immediately took stock of anything that looked amiss. Amazingly my email was all there. One thing I did notice was a new redirect was set up. I turned this off immediately.

While I was waiting for my accounts to come back I did a virus and spyware scan. This is where I found part of the problem. The free anti virus software I use didn't find anything, but when I tried another program it came up with a hit, a keylogger program. I am not sure where I picked this little bad boy up, but it had been flying under the radar. For those of you who don't know a keylogger can record keystrokes such as usernames and passwords and forward that information to a third party. My new anti virus program immediately dispatched this critter.

Now, I know you are probably wondering why on earth someone who is trying to sell me IT support would admit to being hacked. Well, two reasons. First and foremost I am a strong believer in learning from incidents like this. I have compiled several lessons learned that I hope will help others (free of charge).

• Rotate passwords often.
  • I know we get busy, but we need to be proactive in our internet security.
• Scan your computer often. And if you don't get any hits, ensure your anti-virus and spyware software is updated. You may even considering trying another program as a test.
  • Not all computer defense programs are created equal. They often rely on virus definition updates which may or may not include all the bugs out there. If you are not getting hits it may be because your software is not working like it should. It had been a while since I got a hit and that should have set off some warning bells.
• Set up recovery emails and review the recovery procedures of the important sites you use.
  • Facebook allows you to set up a secondary email in an effort to restore your account. I have since set it up and I must say it works like a charm.
• Keep an offline list of the key websites you use.
  • This should be the sites you know would be critical to restore should your online identity get compromised. Prepare to go down this list and change passwords at the first sign of being hijacked.

My second reason for admitting to this is to show you that we at MHI Tech Labs have a promise to always be honest. If any computer guy is afraid to admit they got hacked then you need to run away and find someone who is willing to tell you the truth. It happens. It is not good, it is not fun to admit, and it may look bad, but it happens and it is important to own up to it and not bury your head in the sand. Only through acknowledging the problem can one find the solutions to prevent it from happening again.  It is our commitment to professionalism and customer service that not only makes us a great company to do business with, but a great company to be a part of.

So, I hope this has helped you prepare a little better for the inevitable attack. If you need help ensuring your company's systems are secure, please don't hesistate to call us at 661-513-3828.