Can social media be hacked?

How a person can be hacked and what to do about it

Mat Honan is a journalist at Wired - a specialist magazine for digital developments and technology. One can be sure that he is not a naive user of technology. His use of the Internet is similar to that of many people who are regularly online: He bought books on Amazon, had an iTunes account, used Google's email program, was active on Twitter and saved a lot of his data in the so-called cloud - that is, on one Server that is accessible via the Internet.

Mat Honan's accounts have all been hacked, as he himself writes - with the following consequences:

  1. His Google account was completely deleted.
  2. Racist and homophobic reports were spread on his Twitter account.
  3. His computer and iPhone were completely erased (loss of important data, including all pictures of his daughter)

(1) How did that happen?

The hackers put a lot of effort into making use of weaknesses in the security system. Vulnerable were Amazon and Apple, both of which released information to the hackers who pretended to be Honan who could no longer log into his accounts. With the respective information, it was possible to access both accounts. The Apple account was the backup email address for the Google account and the hackers could use it to gain access to Google and thus access Twitter - the actual goal: They should get Honan in public trouble.

With Apple access, if this is set up, you can delete computers and iPhones - because you might want to do that if the devices are stolen.

(This representation is very concise and simplified - if someone wants to know more details, check out Wired or ask in the comments.)

(2) Can this happen to anyone and everyone?

Basically yes. As I said: the effort has to be worth it. Hackers don't take 40 hours to hack someone's account. But if something can be won, nobody is sure.

(3) That can be done about it

Apple and Amazon are vulnerable - there is no better way to protect accounts. In addition, it is irrelevant to this problem how good the passwords are - they were not cracked, but bypassed. What helps are the following options, which are not always practical:

  1. Checking emails almost every minute, you would see when emails with temporary access codes arrive that you did not request yourself.
  2. Google's protection is currently one of the best on the net - but only if the so-called “2-step verification” or “confirmation in two steps” is activated: You will then receive an SMS with which you can then definitely log in can. Nobody who does not have the mobile phone can log into the account. Switching on is pretty easy, but setting it up on different mobile devices is extremely tedious, I find.
  3. Do not link the accounts with each other, i.e. never use one from another important account as a backup email address (otherwise you can hack two accounts with one).
  4. Save all data not only in the cloud, but also on a hard disk with a backup.

I am grateful for further information in the comments.

I like it:

LikeLoading ...
Posted byPhilippe WampflerPosted inInstruction, Case, Competencies, RisksTags: Amazon, Apple, Google, Hacking, Mat Honan, Protection, Wired

Published by Philippe Wampfler

philippe-wampfler.ch Show all posts by Philippe Wampfler