The term “hacker” may conjure up images of black-clad, computer-obsessed criminals, shrouded in darkness. They might be hunched over keyboards and let out shrill cackles every time they break into a computerized bank account or email system to steal information, money and peace of mind.
But there’s another kind of hacker out there dedicated to good — one who might be saving your web accounts from unwanted intrusion.
“White hat” hackers are increasingly important web enthusiasts and professional programmers who expose security flaws so they can be corrected before “black hat” hackers use programming to find those security flaws and exploit them for malicious purposes.
Knowing there are people out there watching our backs, or in many cases, the backs of those who pay for it, isn’t enough protection for most of us.
Illegal hacking is rampant by any objective standard. Slightly less than half of American adults have been hacked and had personal information exposed such as their name, credit or debit card numbers, address, birthday, phone number or password, CNN reported in 2014.
Among those numbers is junior Melanie Papas, who was hacked in 2014. The 20-year-old Cleveland, Ohio native started getting strange emails and then found that someone was attempting to change her phone number to theirs.
“I felt very stressed because I wasn’t sure what was happening, and I wanted to make sure that all of my information and emails were safe,” the education major said.
Papas fixed the problem within a day by changing her security questions and password and creating a back-up email. She said she thinks she left her email open on a public computer and that’s how the hacker got into her account.
“I don’t think students should be too worried about this happening to them, because for me, it was an isolated incident, but it never hurts to take that extra safety precaution,” said Papas.
Although she said she’s not worried about getting hacked again, Papas said she uses a lot of security settings, especially for her bank accounts and school email.
Senior Claudia Sparks also isn’t worried about getting hacked again.
The 22-year-old of Crest Hill, Illinois, was a victim of hacking in 2012 when several statuses were posted to her Facebook account. The hacker posted links to “free” products (Sparks couldn’t remember what the links were) and also messaged her friends with links to the items. A friend alerted Sparks to the problem, so she changed her password within an hour of the hack and hasn’t had a problem since.
“I wasn’t too concerned about it only because it’s Facebook,” said the secondary education and history double major. “The only thing they did was post some links and send out some spam, so in all honesty, I probably should have been more concerned, but I wasn’t.”
Although she also had an old Yahoo! account hacked not long after her Facebook account was broken into, she hasn’t changed her Facebook password since 2012. She said she knows an email scam when she reads one, doesn’t share her passwords and is cautious about what she downloads and installs on her computer.
Loyola information security officer Jim Pardonek uses different, though in some cases similar, strategies to keep accounts safe.
Good practices include setting devices to automatically update, having up-to-date anti-virus software, selectively sharing information on social media and setting different, complex passwords that are changed regularly for every account, Pardonek said. He also said to never use public Wi-Fi and avoid downloading unsigned software, which means the software is missing name and publisher information.
Students don’t need to worry about hacking any more than anyone else, Pardonek said.
“The only caveat to this is the thought that younger students, especially those just out of high school, are usually more trusting and so post a ton of personal information on social media or share passwords,” Pardonek said.
Sixty-two percent of American adults worry about computer and smartphone hacking, a 2014 Gallup Poll reported. The only crime that is a bigger concern, for 69 percent of American adults, is having their credit card information stolen by hackers who have gotten into a store’s system. They worry about these two crimes more than their home getting burglarized or a car being stolen.
There are two common ways people get hacked, Pardonek said. Either they are on a web browser or site with malware that will infect their computer or they respond to an email asking for personal information. The latter is an example of social engineering.
Computer science professor Mark Albert said social engineering is often very successful and occurs when people trick others into revealing private information on the phone or through email. Social engineering is usually much faster than the hacking displayed in movies or in widely publicized events such as the Sony Pictures Entertainment hack in 2014. Social engineering can happen as quickly as a phone conversation, whereas corporate hacks can take months or years, Pardonek said.
Albert agrees that it’s easier to use social engineering than programming.
“Often it’s easier to pose as an employee by phone than to use technical means to gain access to a computer system,” Albert said.
However, just like not all hacking is criminal, not all hacking is related to computer security. Sometimes programmers will come together for a “hackathon” to build software.
Students at Loyola are hosting a hackathon Nov. 7 for Hunger Week. Together, they will prototype and design new ways to approach hunger in the world. The event is from 10 a.m. to 4 p.m. in Cuneo 210. See page five of The Phoenix Tech issue for more information.
Lindsey Tollefson contributed to this story.