Hack Yourself to Save Yourself

Share Print

by Joanna Stern on May 20, 2008

“Mz. Mugzzi” of Fresno, Calif., (who won’t share her real name as a result of her stolen identity) knew little about hacking before a hacker stole her passwords, credit card information, and cash from her bank accounts. “She was taking control of my computer and coming in through my network. This enabled her to hack and master my computer remotely, which allowed her to appear to be me online,” she recounted. Mugzzi’s issues with her hacker multiplied until she was finally able to get the local authorities to intervene. How did this all start? By downloading an e-mail attachment.

According to a survey commissioned by F-Secure in January, only 7 percent of Americans are confident that they can open e-mail attachments without infecting their computers with malware built by hackers. However, 95 percent of respondents had security software installed on their computers. Needless to say, computer users have little confidence in their computing actions and the security suites meant to defend them.

/uploadedImages/Multimedia_Assets/Images/2008/Mobile_Life/Hack-Yourself_sf01.jpg

Ron Teixeira, executive director of the National Cyber Security Alliance, agrees. “You can’t just leave the security software program running and expect yourself to be safe from hackers and malicious attacks. People have started to figure that out,” he said. Teixeira isn’t suggesting that security software doesn’t work. Users just need to be aware of the latest threats and take an active role in protecting their systems and ultimately their identities. He offered the advice of “actively defending your system. For example, users can make sure their security software has all the most recent updates.”

Think Beyond the Security Suite

Other experts argue that the average computer user can do much more to take security action. Mugzzi told us, “What doesn’t break you makes you stronger,” and she learned directly from her hacking experience. “Now, I have specific security programs running on my computer to defend against all types of threats,” she said. Mugzzi uses Keylogger Pro to protect against keylogging attacks (a hacker’s method of capturing and recording user keyboard keystrokes), and she uses IdentityLock to safeguard her passwords. Because Mugzzi does business online she also invested in a corporate software and hardware firewall solution called SonicWall.

If you asked Ryan Russell of El Cerrito, Calif., who is a security researcher and author of Hack Proofing Your Network, what he thought of Mugzzi’s efforts, he would say that she won’t know for sure that her network and PC are safe until she tries to hack herself. His attitude has been that in order to understand attacks and vulnerabilities, you have to understand “how to hack.” He is a believer in “hacking yourself” because if you don’t, the hackers will. “I have received a lot of criticism over the years for providing hacking tips, but it is a solid way to understand how hackers work and how secure your system really is. People learn by doing,” he said.

Russell shared with LAPTOP three simple ways to invade your own computer. The tools he instructed us to use through each of the hacks are publicly available and are used by real hackers. Note: We only encourage the use of these tools on your own PC. If you use any of these tools on a computer or network where you don’t have explicit permission to do so, you could be potentially committing a crime.