Who is not busy these days? I was “busy” and did not have time to deal with an email notifying me that a file had been changed on my blog. This was a mistake.
By the time I tried to login to Watercrunch I was locked out with no keys. I had to brush up on my server programming skills and brute force my way back in to my site. What I found was not good. There were twelve or so new executable files and some of the core wordpress files had been altered. Going through the website logs, it appeared I was now hosting Viagra ads. Come on, Viagra? Really? I was also getting some strange hits from the fine folks from Uzbekistan.
Untangling that mess was beyond my abilities. I immediately deleted the whole site. Within a minute, every file on the server was gone. I restarted the blog and brought back the content one at a time. So far, so good.
What did I learn about this hack? It was my fault. This particular hack used a hole in the code of an older plugin I had not updated. A third-party was able upload a .php file—basically a server executable file—to the server. This one weak link eventually allowed total access to the blog.
Strange coincidence, but I had just finished Marc Goodman’s fantastic new book Future Crimes: Everything is Connected, Everyone is Vulnerable, and What We Can Do About It. I know I just used the word fantastic. This is not the hero who is victorious fantastic, but the hero who watches their back fantastic. He outlines some eye opening stories such as:
- Drug dealers in Mexico are going to colleges of aeronautical engineering to hire drone engineers
- A hacker being able to remotely deploy your airbag or apply the brakes as you’re driving.
- 3-D printers can produce AK-47s.
- Bio-terrorists can download the recipe for Spanish flu.
Goodman’s central idea throughout the book is that we are racing to connect everything to the network, but we are not keeping the same diligence with protecting our data. Everything with a connection is hackable.
We don’t know what good online security is and most folks are just giving it away for free. For example, I probably could not tell what personal privacy I am giving up using gmail. Our smart phones and the plethora of mobile apps are leaving a digital exhaust plume filled with phone records, text messages, browser histories, GPS data on all of us that lives forever. Marc gives lots of examples how this data can be used against us.
We are just beginning to live in this new Internet of Things age. Cisco predicts there will be 50 billion devices connected to the internet by 2020. As more of the world’s objects become part of a network, securing our critical infrastructure—the electrical grid, our water systems, our new smart homes, and connected personal medical devices will become more important.
If you have not been hacked lately, make sure to put this book on your 2015 reading list. I am a technology optimist, but I think we all need a good scaring about the dark side of technology from time to time.
We estimate that only one percent of things that could have an IP address today have one, so we like to say that ninety-nine percent of the world is still asleep. It’s up to our imaginations to figure out what will happen when the ninety-nine percent wakes up”
-Padmasree Warrior, Chief Technology officer, CISCO
Further materials from Marc.