I’ve Been Hacked! What Do I Do Now?

by | Sep 14, 2015 | Uncategorized

We get this question several times a week, so it’s not just you. And no, it doesn’t mean you’re crazy – even if your friends think so, and even if law enforcement won’t take your case. People’s computers and phones get hacked, every day.

Why won’t the police do anything about it – isn’t it a crime?

In general law enforcement will take on a case that involves endangerment of children, loss of more than about $500 in property (this changes from jurisdiction to jurisdiction and can include intellectual property), a believable threat to Homeland Security, or a clear threat to the safety of your person – like a death threat, for instance.

They may take on cyberstalking if it is part of violation of parole or a court order. Otherwise, they’ll be needing you to furnish more evidence, such as that provided by a private investigator or computer forensic expert, before they’ll take on a case. The police are just too busy with a limited budget.

Before you decide what you need to do about it though, you need to decide what you want to do about it: Do you just want it to stop, or do you want to catch the person who’s doing it? Or both?

It’s not really possible to be online and be 100% protected from hacking, but there are numerous measures you can take to make it not worth most anyone’s time. They include:

  • DO use effective passwords. A good guide is at the Perfect Passwords page at Gibson Research Corporation’s website.
  • DO secure your router – especially your wireless router. The manufacturer or your Internet Service Provider can help you with the best settings for your particular equipment.
  • DO keep your operating system and antivirus patches updated.
  • DON’T give out your Social Security number or use it as an ID. You usually only have to give it to your employer, your financial institution and government agencies.
  • DO disable your Guest account on your computer.
  • DON’T make your personal info public on social networks or elsewhere.
  • DON’T open email from people you don’t know.
  • DON’T click on links embedded in emails.
  • DON’T make online purchases from sites you don’t know well.
  • DO use a firewall (hardware and/or software).
  • DO make sure that your Android is NOT rooted and that your iPhone is NOT jailbroken.
  • DON’T give any of your passwords to others.
  • DON’T use the same password for everything.
  • DO make sure that Administrator access on your computer is protected and accessible only to you (use a password).
  • DO disable Guest access on your computer.
  • DO disable remote logins
  • DO require a password to log onto your computer, phone or email.
  • DO check to see what ports on your computer are wide open do ne’er-do-wells at Gibson Reserach’s ShieldsUp! site

If you’ve already been compromised, you can sometimes roll back your system via System Restore to a time before the compromise – if you know when that was. You may just want to back up your important documents, format your hard disk, reinstall your operating system and get a clean start.

On an iPhone or a BlackBerry, a factory restore will wipe out any old virus, keylogger, or other malware you might have picked up – along with everything else that you put there on purpose. Doing the same for an Android should wipe out any malware as well. Although some Android data may be recoverable by an expert after a factory reset, there should be no active malware.

But, have I been hacked?

Frankly, it’s not always easy to tell.

Most apparent phone, email or computer hacking is really the result of nontechnical “human hacking.” We make so much information public, it can become possible for a perpetrator to guess logins and passwords, or fool an email service into sending a password reset link for an account that is not theirs. One well-publicized recent example is Matt Honan of Wired Magazine, who famously wrote, “In the space of one hour, my entire digital life was destroyed.” But nobody used any special technical skills. They just looked up information, made some clever guesses, and had a lot of chutzpah. Fortunately, most of us are not such attractive targets as a Wired journalist.

The book, “Social Engineering: the Art of Human Hacking,” by Christopher Hadnagy, talks a lot about such methods, and how to protect oneself against them.

What are some signs that could indicate that you have been hacked?

  • New programs have been installed on your computer – ones you didn’t install (although some software – especially free software – sneaks various programs and “helpful” browser toolbars past you).
  • New documents (that you have not written or downloaded) appear on your computer..
  • Documents disappear from your computer (although it’s not hard to accidentally delete or move files around without noticing).
  • Programs pop open that you didn’t click on (although there are other, innocent reasons this could happen).
  • You get odd pop-up messages that don’t seem to come from a program you are using.
  • Your passwords have changed (and not because you just forgot them, as I sometimes do).
  • Your security program(s) has been uninstalled or deactivated.
  • The computer is doing things by itself – the mouse moves and clicks on things without any action by you, for instance.
  • You find information about yourself on the Web that should only be known to you.
  • There’s a note displayed on your desktop – your screen – that you didn’t put there.

What should I do if I see some of these?

Document everything you see, with dates and times, and take screen shots right away. For screen shots, it’s easiest to use your cell phone camera if it’s handy, but it can be done right on the computer. In Windows, push the PrtScrn key (to put an image of the whole screen into your clipboard), then open a new document (such as in Paint) and press Ctrl-V (to paste the image into the document), then save it with a meaningful name, like “Screenshot at 1:27PM on Jan 1, 2012.” On a Mac, simultaneously press the Command (cloverleaf) key, the Shift key, and the number 3. The screen is saved to your desktop with a date and time as the name.

You can report it to the Internet Crime Complaint Center, aka IC3, and if it is what the government would consider a dramatic incident, some action may be taken.

If it involves child abuse, including abusive photographs of children, you can report it to the National Center for Missing and Exploited Children (NCMEC).

What are some of the things that forensics people do for clues to try to catch the perp, or generate enough evidence so that the police will take it and run with it?

  • Freeze the evidence in time with a forensic image.
  • Search the device for keyloggers, rootkits, Trojans, remote control access, bash history.
  • Search out meaningful IP addresses tucked away on the hard disk.
  • Search out meaningful email addresses.
  • Check Administrative and Guest User accounts for vulnerabilities.
  • Find (and recover) deleted files that may be relevant.
  • Inspect Volume Shadow Copies and System Restore Points for relevant evidence.
  • Search the entire device (used and deleted/unallocated space) for text that may have been noticed or may be relevant.
  • Help to identify found IP addresses.

Hacks can happen to anyone, but it’s usually not personal. Still, if you’ve been hacked, forensics experts can help you identify intrusions, but unless you need to catch the person, it’s easier and cheaper to wipe your device and start over.

Subscribe to our free and informative weekly forensics newsletter!

 

Related Posts

CSI Cases from Burgess Forensics #69 A Case of Hiphop Beef

The Stories are true; the names and places have been changed to protect the potentially guilty. It was almost closing time on Friday and my thoughts were turning to Barbequeing some of that mouth-watering Santa Maria tri-tip while my nose was turned to the scent of...

Email as a signed contract vs. fraudulent emails

Email as a signed contract vs. fraudulent emails We all send and receive email, but did you know that what you say in an email can be interpreted as a legal contract? And that sometimes, emails are fraudulent? Both are true. The Statute of Frauds Although email didn’t...

El Salvador Adopts BitCoin

El Salvador Adopts BitCoin copyright Steve Burgess, 2021 El Salvador just passed a law to make BitCoin (BTC) legal tender and is the first country to do so. It did something similar back in 2001, when it made the US Dollar the official currency, replacing the...

Keeping Your Bitcoin Safe

BitCoin. Everybody wants some. But what’s the best way to keep it safe once you’ve got it? And how to get it? First things first – you get BitCoin (and Etherium, and DogeCoin) from a cryptocurrency exchange, like you would from a “regular” currency exchange to turn...

Cyberbullying and Covid-19: 2021 Update

California defines a cyberbully as anyone who sends any online communication to deliberately frighten, embarrass, harass, or otherwise target another. The Cyberbullying Research Center defines it as “willful and repeated harm inflicted through the use of computers,...

Cybersecurity & Covid-19: Vulnerability and What to Do About It

Cybersecurity & Covid-19: Vulnerability and What to Do About It Steve Burgess, 2020 As if we didn’t have enough to worry about. With so many of us working from home (close to 90% of American corporations are encouraging or requiring employees to do so) and having...

Indian Summer Lovin’ – Tech Tips For a Warm Autumn

by Natalie Miller, 2019 With Indian Summer temperatures rising, here are some tips to help you make sure your devices are ready to conquer these warm days of Fall like you are. Check Those Pockets! Taking a dip in the pool, going for a paddle in a kayak, and jumping...

Electronic Waste and Recycling – What Your Old Devices Can Say About You

by Natalie Miller, 2019 With new models of phones and computers being released every year, wanting the latest and greatest is never a bad thing, but what about your old devices? The truth is that old devices can still hold all of the data you put on them or that they...

The Case of The Client Who Wanted … to be Wanted

The Case of The Client Who Wanted … to be Wanted copyright Steve Burgess, 2018 It was nearly Christmas, but the morning sun was pouring in through the windows of my Central Coast office, casting shoe-shaped shadows on the West side of my desk. Perhaps I should have...

Burgess Forensics Newsletter Vol. 5 Issue 1: FitBit Fun Forensics & Foes 08.08.2018

  Fitbit, Fun, Forensics, and Foes Have you tracked your 10,000 steps today? Has anyone else tracked them? Fitness trackers are big business, helping people get and stay fit, and helping them share their progress with friends – and sometimes with strangers. The...

Pin It on Pinterest

Share This