UPDATED 15:23 EDT / AUGUST 21 2012

NEWS

Hackers Aren’t Getting Tougher, They Just Have All The Right Tools

These days, hacking seems so common. It’s like a week won’t pass without hearing news about another site being hacked or passwords being leaked.  So the situation begs the questions, “Are passwords getting weaker or are hackers getting tougher?”

First off, we here at SiliconANGLE always remind you, our readers, to be vigilant in choosing and keeping passwords secured.  There are a lot of techniques in doing this like periodically changing your passwords, not telling everyone what your password is, using capital letters interchangeably with characters, numbers, etc.  But all these efforts will be for naught if the site doesn’t salt your passwords.  Salting passwords means they’re encrypting them so that it can’t be easily acquired.  Most sites these days encrypt their users’ passwords but there are still some sites who do without salting.  So how come passwords still get hacked if they’re encrypted?  The answer is simple: hacking is now made easy.

Sean Brooks of Gawker tells the tale of how passwords aren’t actually getting weaker and hackers aren’t getting stronger, it’s just that hackers these days have more hacking tools to aide them in their mission.  Before, when hacking wasn’t that popular and computers aren’t that fast, hackers used a small list of passwords to guess user passwords.  But as the time changed, the list grew.  You’d think that hackers would have a tougher time cracking passwords since there’s now a bigger list to go through but you must not forget that computers these days are faster and can churn millions of data at the blink of an eye.  Plus the fact that there are  a lot of cracking software available these days, acquiring passwords may just be a walk in the park some.

There are two things you need to remember if you want to acquire passwords.  First, if you do manage to get passwords of a certain site, there’s a huge possibility that it won’t be of any use to you since it’s hashed.  Remember, sites encrypt passwords.  So if a user uses the word “password” the hacker won’t see “password” but a code like “dzportsjd342nse9339f93qnnfgk134nsk4g” (not actual code) so he then needs to figure out what the code means before the password can be of any use to him.  This is the reason why security companies often remind consumers to use an alphanumeric password, or inject some characters into them and avoid using obvious ones like your name and birthday, so hackers won’t easily access your account.  Another thing to remember is to use different passwords for every site so in case one of your accounts gets compromised, your other accounts will still be secured.

The point is, users aren’t to blame if their accounts get hacked, it also doesn’t mean that the security measures of the service you are using is not commendable, hackers just have all the tools they need to do the task.  So don’t beat yourself up.  Still, it wouldn’t hurt if you make your passwords tougher.

“This is why the mantra of the day is slowly becoming not how to avoid getting hacked, but that everyone eventually gets hacked,” says HackANGLE editor Kyt Dotson. “Even almost-bulletproof outfits like Blizzard have gotten their password databases taken in recent hacks, we’ve seen Sony’s PlayStation Network get hit, we’ve seen Cryptic Studios discover a hack two years late. If we learned anything from LulzSec, most users are going to get passwords swept up in a hack that affects a third-party service they’re part of and the password they use there will be checked against their e-mail accounts and elsewhere. So keep your passwords not necessarily complex but diverse.”

Oh, and if you’re a wannabe-hacker hoping to read about hacking tools here, sorry to burst your bubble but the world already has a lot of hackers. I’m not about to burden the world with more of them.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU