I have been hacked! What do I do now?

We get this question multiple times a week, so it’s not just you. And no, that does not mean that you are crazy, even if your friends think so, and even if the police do not accept your case. People’s computers and phones are hacked every day.

Why don’t the police do anything about it? Isn’t it a crime?

Generally, law enforcement will handle a case involving endangering children, loss of more than $ 500 in property (this changes from jurisdiction to jurisdiction and may include intellectual property), a credible threat to Safety National or a clear threat to the safety of your person, such as a death threat, for example.

They can take on cyberbullying if it is part of a probation violation or court order. If not, they will need you to provide more evidence, such as that provided by a private investigator or computer forensic expert, before they take over a case. The police are too busy on a budget.

Before deciding what Need do However, in this regard, you must decide what I want to do about it: Do you just want it to stop or do you want to catch the person doing it? Or both?

It’s not really possible to be online and 100% protected against piracy, but there are numerous steps you can take to make it not worth anyone’s time. They include:

• Keep your operating system and antivirus patches up to date.
• Secure your router, especially your wireless router – the manufacturer or your Internet service provider can help you with the best configuration for your particular equipment.
• Don’t give out your Social Security number or use it for identification – you usually just have to give it to your employer, your financial institution, and government agencies.
• Disable your guest account on your computer.
• Do not make your personal information public on social media or anywhere else.
• Don’t open email from people you don’t know.
• Do not click on the links in the email.
• Don’t shop online from sites you don’t know well.
• Use a firewall (hardware and / or software).
• Make sure your Android is not rooted and your iPhone is not jailbroken.
• Do not give some of your passwords to other people.
• Don’t use the same password for everything.
• Make sure that administrator access on your computer is protected and accessible only to you (use a password).
• Disable guest access on your computer.
• Disable remote logins
• Request a password to log into your computer, phone, or email.
• Use Strong Passwords – A good guide is on the “Perfect Passwords” page on the Gibson Research Corporation website.

If it has already been compromised, you can sometimes roll back your system via System Restore to a time before the compromise, if you know when it was. You may just want to back up your important documents, format your hard drive, reinstall your operating system, and get a clean start.

On an iPhone or BlackBerry, a factory reset will remove any old viruses, keyloggers, or other malware that it may have detected, along with everything else you have put in there on purpose. Doing the same with an Android should also remove any malware. Although some Android data can be recovered by an expert after a factory reset, there shouldn’t be any active malware.

But have I been hacked?

Frankly, it’s not always easy to tell.

Most computer, phone, or email hacking is actually the result of non-technical “human hacking.” We make so much information public that a perpetrator can guess logins and passwords, or trick an email service into sending a password reset link for a non-their account. A highly publicized recent example is Matt Honan of Wired Magazine, who wrote: “In the space of an hour, my entire digital life was destroyed.” But no one used any special technical skills. They just looked up information, made some smart guesses, and had a lot of nerve. Fortunately, most of us are not as attractive targets as the journalists at Wired.

Christopher Hadnagy’s book “Social Engineering: The Art of Human Piracy” talks a lot about these methods and how to protect yourself against them.

What are some signs that could indicate that it has been hacked?

• New programs have been installed on your computer, some that you did not install (although some programs, especially freeware, slip away from various “useful” browser programs and toolbars).
• New documents appear on your computer.
• Documents disappear from your computer (although it is not difficult to accidentally delete or move files without realizing it).
• Programs that you did not click open (although there are other innocent reasons why this could happen).
• You get strange pop-ups that don’t seem to be coming from a program you are using.
• Your passwords have changed (and not because you have forgotten them).
• Your security program (s) have been uninstalled or disabled.
• The computer is doing things by itself: the mouse moves and clicks things without you taking any action, for example.
• You will find information about yourself on the Web that only you should know.
• There is a note displayed on your desktop, your screen, that you did not put there.

What should I do if I see some of these?

Document everything you see, with dates and times, and take screenshots right away. For screenshots, it is easier to use your cell phone camera if it is useful, but it can be done directly on the computer.

• In Windows, press the PrtScrn key (to put an image of the whole screen on your clipboard), then open a new document (as in Paint) and press Ctrl-V (to paste the image into the document), then save it with a meaningful name, such as “Screenshot at 1:27 pm on January 1, 2012”.
• On a Mac, simultaneously press the Command (cloverleaf) key, the Shift key, and the number 3. The screen is saved to your desktop with a date and time as the name.

You can report an incident to the Internet Crime Complaint Center at ic3 dot gov And if it is what the government would consider a dramatic incident, some action can be taken.

If it involves child abuse, including abusive photographs of children, you can report the incident to the National Center for Missing & Exploited Children (missingkids dot com).

What do forensic people do looking for clues to try to catch the offender, or generate enough evidence for the police to take it away and run with it?

• Freeze evidence in time with a forensic image.
• Search the device for keyloggers, rootkits, Trojans, remote control access, bash history.
• Look for meaningful IP addresses.
• Look for meaningful email addresses.
• Check guest and administrative user accounts for vulnerabilities.
• Find deleted files that may be relevant.
• Inspect volume shadow copies and system restore points for relevant evidence.
• Search the entire device (used and deleted / unallocated space) for text that may have been noticed or may be relevant.
• Helps to identify found IP addresses.

Hacks can happen to anyone, but it is usually not personal. Still, if you’ve been hacked, forensic experts can help you identify intrusions, but unless you need to catch the person, it’s easier and cheaper to clean your device and start over.