Just lifted my head. It took 3 locations, 50 km and 6 hours of laser-beam focus.
It was bad this time, really bad. Remember this from the other day? That’s me showing you barely the surface.
If you ever have to do this:
Being prepared is the key. Regular backups, and an organized file structure. Then, wipe both your computer and phone simultaneously. Otherwise, one could re-infect the other, making the entire exercise pointless.
The clean-up kicked off here.
I used to use TrueCrypt to encrypt my password manager file, but since the last cleanup a couple months ago, TrueCrypt is no longer, so I had to scramble just to get my manager open, and get at my passwords to change them. It’s always something (and this is why I’ll never endorse a security product).
Then the operation moved to here.
Change my passwords one after another, because once you start, you can’t stop. Bet I didn’t blink for 80 minutes, and I was seeing spots by the end.
80. Minutes.
And I’m very prepared for this, and very fast, seasoned.
Point is: you couldn’t do it this quickly, you couldn’t rebuild in 6 hours.
And that makes me nervous for you when this happens to you. Start to think, and operate, and organize, like you will have to one day. Because any security professional will tell you: it’s not if you get compromised, it’s when. Unlikely it’ll be this extreme and targeted, but one stupid click, on one bad link….
Because remember, cleaning up a compromise happens while under duress… palms sweaty, a scattered mind, gripping fear that my attacker will figure out what I’m doing half-way through, and take control of the accounts I haven’t yet changed. My password manager was altered a few weeks ago, it’s possible. Seems I attract the very best. L33t. I’ve wondered for a while if I’m getting air-gapped.
Scared eyes. Hand over mouth when focused, always.
One of my worst breaches…
March 2013. It was timed to happen while I was on my first international car launch with the newspaper, an already stressful situation. Just as I was about to walk out the door to dinner with the auto manufacturer, both my Twitter and Facebook accounts were compromised, both published updates not from me.
And what could I do?
I figured okay, clearly the attacker has the ability to delete everything I own, but they didn’t, so swallow the fear and go sit calmly at dinner and pretend nothing’s wrong, eat it (and certainly don’t talk about it, because if you want to clear out a room, talk about being stalked online.)
The next morning the attack continued with a phone call, as I was readying to board the plane home, informing me my cel number had been published… to my own blog.
Yup.
Back to today – crucial stuff is now locked down, my email works again. See, I’d known I’d been compromised for weeks, but having been at this for so many years I tried something new: I gave up. Fine, you’re so curious well come on in, see what I’m up to… I’m pretty boring eh, I work too much and have no friends. But then my boss couldn’t email me anymore, and now it affects the paper and not just me, so wipe and reset.
I lift my head up, breathe, look around the food court, and all these sounds and voices start to filter in that I’ve been completely tuning out. A table of old men are looking at me bug-eyed, give ’em a wink, and drive home.
To rebuild.
Backup, transfer to other computer, download and re-install my programs, rebuild my phone, everything has to be finished tonight. Memorize a couple more 30-character long passwords. It’s a bit all-for-not though, really, because one ‘ole SQL injection into my search bar…
Because I have deadlines tomorrow for the newspaper, and what do you say, “sorry! Someone’s inside my computer guys, so there’s going to be a few holes in the auto section next week.”
I’ve done this so many times I’ve lost count, 20 anyway. It’s sad I’m this good at it, really.
Of course I have a few suspicions where this started…
… obviously ex-boys, and a couple other theories, which in trying to escape from, would make me appear like an anomaly to the watchers, who clearly can’t identify a false positive… ‘independent loner who, when they speak, people listen’ is enough to get your name added to a list…
If I was at all shady, or screwing around hacking people, I wouldn’t breathe a word of this, because I’d have earned this. But I never, ever have. You think I want that karma?
Targeting me is like picking on the kid at recess who’s wearing a helmet. I’ve said the same thing since the beginning – am I better at security than the average person on the street? Yes. Compared to anyone in the industry? Nope, I’m a baby, barely a script kiddie. I blog security stuff for the housewives and average user, opposite of bleeding edge. So like, really?
Imagine living like this everyday, everything you’ve built, your life, under constant attack.
Is this really an email from a reader of my column, or a trick? Why does this Twitter account look created just to speak to me? As if that 1-follower Instagram account just liked a photo from 18 months ago. Oh, my physical address has been changed on all my domains. Can’t get into my cel account online, again. In 2010, 5 months of my calendar were deleted. Notice I stopped using Bluetooth headsets? What is it about Bluetooth? That the range is 30 feet… The military should be studying me, to see how I’m able to eat this much PTSD and still function normally. If I told you how often this bleeds into real life, you’d have nightmares too.
It’s completely out-of-hand, this obsession with me. Someone wakes up everyday, for years, opens a file with my name on it, and dedicates time and energy to messing with my life, and mind.
This stuff is so draining. So I’m taking Friday off here, talk to you Monday.
Back your stuff up this weekend, get a password manager, and change your passwords.
Here’s what mine look like: H}aU]’&cM$B=>Q(lI!3[d?2Ri
