How Do I Tell You, You've Been Hacked?
25 August 2017 00:00
Whilst paste sites are becoming increasingly popular for privacy and anonymity reasons, they often hold a wealth of compromised data.
Often when online services are compromised, the first signs of it appear on "paste" sites like Pastebin. Attackers frequently publish either samples or complete dumps of compromised data on these services. Monitoring and reporting on the presence of email addresses on the likes of Pastebin can give impacted users a head start on mitigating the potential fallout from a breach. Check this website to see if you have an account that has been compromised in a data breach.
Whether it’s a URL containing indecent images of celebrities, or hacktivists posting confidential government documents – there’s always something going on.
Recently, I stumbled on a data dump showing IT managers discussing projects with a potential supplier - which showed internal plans and projects being revealed. The anonymous submitter hacked a LinkedIn account and posted the information to a paste site.
No one likes getting hacked, and the quicker you notice something has gone awry, the better chance you have of minimizing the damage. Here are a few things to look out for:
Have you ever received a suspicious message requesting personal information or even money?
This is one of the most common methods of hacking, and it is extremely successful. Why? Because people still fall for it every day. Always look out for phishing emails: they can appear in anybody's inbox. They could be offering you money or a free product, or sometimes the email could be ruthless, demanding personal data from you. There is more than one type of phishing email, I'm afraid, but if you know what to look out for then you could save yourself or your business its data.
Has your device suddenly slowed down?
This doesn't apply to all devices; some gadgets just slow down over time anyway. However, anything that is "out of the ordinary" is where you should be concerned. You should pay particular attention to any drops in performance that are significant, sudden or long term. This would be the time to run through as many security checks as you can.
Have you noticed an increase in popups recently?
Malware and viruses love popups, and they will not stop bombarding you with them. The popup may ask you to run a security scan of your system or verify your account credentials; sometimes it could be something as simple as asking you to participate in a prize draw. These will all look authentic, but the clue should be in their randomness: if you didn't ask for them and haven't seen them before, then be very wary.
Have you seen any online activity you don’t recognise?
We're all prone to sending off the odd social media comment without even thinking, but suspicious, unexplained activity on your accounts from somewhere other than your phone or your computer is something you should monitor, as it might not come to light for several days. It could be anything as simple as being signed up to an account you don't recognise, or an email list perhaps.
Are you having trouble accessing your accounts?
This is a pretty obvious one and is one of the first things people notice when they've been hacked. Someone has simply changed your password, so it's a good idea to check your inbox for evidence of a password change notification. The worst thing you can do is panic; the vast majority of online accounts have a variety of techniques to help you regain access. There tends to be a link that you can click to go through several steps to regain access. To give your device that extra layer of security, try using 2FA or even MFA. It will keep your device secure and your mind at ease.
Trying to contact the Company.
Email is a great method of communication. However, sending links to paste websites out of the blue doesn't go down too well, especially when you work for a cyber educational and simulated phishing company.
Phone? I’m guessing getting through to an IT director from reception isn’t going to happen. Only to leave an awkward voicemail. Do many organisations have a process for this type of thing?
Since the Breach Detection Gap [BDP] is on average 146 days, it can take nearly half a year before an organisation realises sensitive information has been stolen. That gap could be limited to a matter of days if the breach is discovered early enough.
But what incentives are there for people to let these companies know? White-hat hackers are often persecuted for pointing out vulnerabilities or flaws. Organisations like BugCrowd provide a service finding bugs and vulnerabilities within systems, but for vulnerabilities in policies, it seems like we are way off the mark. Organisations need to actively work out whether they can spot the early signs of a breach before the damage becomes severe.