Cybersecurity Expert Answers Hacking Questions

Just because someone's described as a script kiddie

doesn't mean they're not capable of doing a lot of damage.

Hi, I'm Allison Nixon, chief research officer at Unit 221B.

We specialize in tracking cybercriminals.

I'm here today to answer your questions from the internet.

This is Cybersecurity Support.

[upbeat music]

First up, this question is from piro_pyro.

The internet isn't just crowded with bots,

it's being silently taken over by them.

Think zombie apocalypse, but digital.

Hmm. This question is suspicious.

I see an em dash,

and I see an emoji at the end of this message.

I think this is a bot.

So I'm gonna take this bot's question at face value,

and I'm just gonna answer it.

In comment sections all across the internet,

there are a lot of bots that are posting nowadays.

These bots may be tasked with advertising a product

and spamming the comment section by saying,

Hey, this product is so great.

I use it all the time, and you can buy it here.

But there's also political bots as well,

and sometimes these are operated by nation states

who may be trying to manipulate

the population in another country

into voting a certain way or doing a certain thing.

They may be trying to stoke conflict.

And so as you're reading comments on the internet,

keep in mind there may be larger geopolitical situations

where they're treating you as a pawn.

Nobody has the problem under control.

It's a difficult issue to navigate.

When you're reading the comments section,

I would suggest that you find

a different source of information to base your opinions on,

like court documents or reports that happened

right after an incident happened,

rather than later on down the line.

It's really better for you to learn the facts

and then form your own opinions.

This question comes from slimboysam.

Scammers are using my voice with AI. What do I do?

So this question is describing a scam

where a elder family member may receive a phone call

where your voice may be manipulated with AI,

and the scammer may be telling your grandparents

or family member, Hey, I'm in a serious situation.

I need money right now. I'm injured, I'm hurt.

This is a big emergency.

So this is a very difficult situation

because oftentimes these scams

will try to prevent the victim

from contacting the family member

to actually verify that this happened.

And when you're in that situation,

it's very difficult to deal with.

But one thing that you can do

is before this scam hits you,

you can talk about these scams with your family members.

Say, Hey, there's a new scam going around.

Here's how it works. If you get this, let me know.

And this can be a good topic of conversation

to bond with your family members over as well,

and also keep each other safe.

So as you talk to your family members about the scam,

one thing that they can do is try to verify

that the person on the line is actually you.

Ask a question that only you would know.

So think very old past shared experience.

What's your favorite food? What was the first dog's name?

Another thing that your family member can do

is just hang up the phone and call you back on your number.

That may be very difficult to do in the moment,

but if you can discuss what your protocol is going to be

before this happens,

then if this scam does hit your family member,

they're gonna be more prepared

and they won't hand over the money.

So this question is from the privacy subreddit.

Can someone gain access to your phone activity

without coming in contact with it?

When someone gains access to your phone activity,

most of the time it will not involve them

coming into contact with your phone at all.

Usually the way people steal your information

is when your information is stored

on someone else's machine.

One place where your phone activity is stored

is at your phone company.

So when you make a phone call

or you send or receive a text message,

there's gonna be a record.

And if your phone company gets hacked

and those records get stolen,

that's one way that bad actors can figure out

what you're doing on your phone.

Also, you may have personal data on cloud accounts,

and when you're using your phone,

you're updating those cloud accounts with more information.

So if those accounts get hacked,

these actors can figure out what you're doing on your phone

without ever touching your phone.

One way to keep yourself safe is to be mindful

about how you secure your accounts in the cloud.

Make sure that you're not using the same password

across different websites.

Use a password manager.

Hopefully, store that password manager

on a machine you own and not in the cloud.

This is what we do.

This is a question from Idk1997283.

Anybody getting this wrong number text scams?

So the wrong number text scams is something

that a lot of people have been getting lately.

You receive a text from an unknown number

and it may say, Hello, John, and your name is not John.

After that first text, they'll say, Oh, wrong number.

And then they'll try to initiate a conversation with you.

These are part of organized crime operations

that are operated out of other countries,

and unfortunately, they have a history

of even enslaving people to force them to work these scams.

So when you receive a wrong number text scam,

I recommend that you don't interact with it.

Don't talk to the person, don't give them any money.

Also, don't insult them

because you don't know who's on the other end

and you don't know what kind of grizzly operation

is behind that text that you got.

This question is from Brickhau55.

Is Anonymous still around? LOL.

Yes, Anonymous is still around.

The original people that made up Anonymous,

they are older, they have mortgages, they have kids,

so you don't see them do the wild things

that they used to do

because they have lives that they need to live

and they've moved on from those early days.

So this question is from tyinsf.

Does SMS messages report spam do anything???

There may be a button that looks like three dots,

or there might be some kind of further information button

associated with that message.

So click on that button,

and you may see an option that says Report.

When you report a message on SMS

or any other platform honestly,

that goes to an entire ecosystem of cybersecurity employees

that review that information and aggregate it

and take notes and monitor for trends.

This is one of the last jobs that's going to be automated

because this job involves essentially human conflict

played out on the internet.

The scammers are continuously updating their scams

to try to bypass the anti-fraud and reporting mechanisms,

and the cybersecurity people are receiving these reports

and continuously updating the anti-fraud mechanisms

that the platforms have.

So when you receive a fraudulent message,

be sure to hit Report on those scam messages.

So this question

is from the explain like I'm five subreddit.

Is there any risk in snooping around the darknet?

If you do choose to look around on the darknet,

keep in mind that the biggest danger coming from the darknet

is not necessarily coming from technical threats,

but it's coming from human threats.

I generally don't recommend that you interact with anybody.

Keep in mind that the person on the other end

is likely a criminal,

and these are not normal social interactions.

These people will often try to manipulate you,

trick you, scam you.

There's a lot of cybercriminal forums,

socializing places where criminals tend to hang out,

talk about crime, share tips on how to do crime.

There's also ransom websites

where extortion groups will steal data from companies

and threaten companies

and then leak the company's private data.

Sometimes people go on the darknet for work,

to track what criminals are doing, what they're announcing,

what they're bragging about,

and to keep an eye out

for any mistakes they may have made in their communications.

So the darknet is a place of social activity.

It's definitely a dangerous forest.

If you wanna wander into it,

keep your eyes open, have someone watch your back.

Obviously keep your software updated.

Don't download or install weird things

that you find on the darknet.

You are literally interacting with criminals and mafias

and hostile countries.

So this question is from kjata30.

Don't click the link? Okay.

I clicked it, now what?

You may have just clicked on a weird, suspicious link

that you received over text message or email.

Sometimes people do

get weird messages with suspicious links,

and they may come from a legitimate sender

that just may be a little bit weird-looking.

So double check the sender,

and if it's something that you still think is suspicious,

definitely hit the Report button

on the message that you got.

That way it can go into the system,

and cybersecurity people can aggregate that

and look at that.

On the device that you clicked on that suspicious link,

ask yourself: when you visited that link,

did you input any of your personal information?

Did you download or install anything from that website?

Think about what happened after clicking that link.

And then that can help you understand

the next steps that you need to take.

So if you put a password into that website,

you need to change that password.

If you put your credit card number into that website,

you need to call your bank

and get your credit card number changed over

and talk to them.

If you have downloaded

or installed anything from that website,

you need to run a virus scan.

And depending on the situation,

it may be worth reinstalling your operating system.

In the best case scenario

where you may have clicked on that link

and then closed out of it immediately,

your risks are a whole lot less

than if you had inputted any information

or downloaded anything.

This question is from lemonsnicks.

Does it really matter

if I don't change my password regularly?

For accounts that you log into all the time,

a common practice is to change passwords

approximately every three months.

Now, this is a lot of work.

It's inconvenient, and nobody wants to do it.

If you have to pick

between changing your passwords regularly

versus using a unique password on every website,

I would say put your effort towards using a unique password

on every website.

Don't reuse any password across any website.

And the reason for this is,

when bad actors steal people's passwords,

they will try that same password

for the victim's account on a different website.

This is a common practice by attackers.

When you are changing your passwords,

you should focus on the most important

accounts that you have.

So your main personal email,

your work accounts, your banking,

and any accounts that you use

for communication with your friends.

Now, when you change those passwords,

a good practice is to use

something called a password manager

where you note down all of your accounts

and all of your passwords,

and then when you update your password,

you also need to update your password manager.

Typically, when you use a password manager,

you're gonna use one password

to unlock everything else on your password manager.

I prefer to use the ones

where you're storing your passwords on your own machine

and not in the cloud.

A Quora user asks, Are sextortion emails real?

A lot of people will receive emails

that say, Oh, I've got your naked pictures.

Give me money, or else I'll send them to your family.

These are sent to millions of people.

They are counting on a small number

of those millions of people

to think that it might be a real claim

because they might have a situation going on,

and they're relying on those few people to pay them out.

These kinds of scams are very damaging.

Keep in mind that these claims are almost always a lie.

Don't get emotionally wrapped up into this too much,

and don't pay these people.

There are also sextortion schemes where they may use AI

to create naked pictures of you.

If you are stuck in a situation like this,

it's not going to ruin your life.

Don't do anything drastic.

Just slow down, calm down, make rational decisions.

I understand that with social stigma,

it may be difficult for people to report this information.

If at all possible,

please try to find someone that you trust

that you can talk to privately about this matter.

Okay, so this is coming

from the explain like I'm five subreddit.

How does a government block its country's internet access?

When people are using the internet,

there's only a handful of companies in every country

that provide internet access,

and the government simply tells those companies

that you need to block these websites.

For example, in Iran,

where they're shutting down the entire internet,

the government has essentially

told the internet service providers in that country

to shut down the entire internet,

and under their laws they have to comply.

International law in cybercrime is very weak right now.

It's very much where countries determine their own laws.

And in situations like with Iran,

when they shut down the entire internet,

that's a less common scenario.

Most of the time,

countries are gonna block specific websites.

Sometimes this is because

the website criticized the government,

and in that country,

it's illegal to criticize the government.

Now in Western countries, when they block websites,

it's usually because the website may be associated

with fraud or harming the public.

So the intentions behind blocking websites

may also be different.

As a regular person,

if you don't like your country blocking websites,

you need to get involved politically

if you wanna keep the internet open and free

and able to access.

A Quora user asks, Do cybercriminals dump their phones

after committing crimes?

Yes, they do.

I have seen videos of cybercriminals smashing their phones,

running over their phones, setting their phones on fire.

It doesn't really help them.

Oftentimes, information is stored in the cloud

or on different devices,

or even if a phone is smashed,

the data inside of it can still be retrieved.

If the police really, really need to know something,

there are forensics teams

that can extract out the physical hardware,

pull out the chips and the boards

and read data off of chips bit by bit.

It's very expensive, very slow,

but if it's a really important case,

the police will pull out all the stops

and they'll figure out what they need to figure out.

So this question comes from zerostyle.

Best security training for aging parents?

Protecting against phishing, rogue links, other attacks.

So this is a very important topic.

When your aging parents

are getting new phones or new devices,

you can help them set up the devices

to be more locked down and more secure.

You can talk with them about how these devices can be used,

and make sure they know that they can call you anytime

if they have a question or they see something weird.

Also, another important thing

is new scams that are going around.

Oftentimes these scams target elderly people,

and if you learn about some new scam that's going around,

bring that up as a topic of conversation with your parents.

This will help them protect themselves.

So it's important to keep them educated,

and it's a great opportunity to talk to your parents.

You should call your mother sometime.

So this question is from Vision-Quest-9054.

What types of cybercrime exist besides hacking?

Hacking implies a technical kind of attack,

but a lot of cybercrime that happens nowadays

doesn't involve technical skills

or writing code or deploying code in any way.

Oftentimes, it involves just lying to people on the phone,

social engineering them,

tricking them into doing something

that they wouldn't otherwise do.

This is a question from Pure_Blank.

Why should I care about my data

getting stolen/sold/generally not being secure?

A common attitude that people may have

is they may not care about their data being stolen.

They may think, I'm not important, I'm not special.

The problem is if you have an income, if you have a job,

if you have anything worth stealing,

you are interesting to somebody.

You may not realize in the moment

how that data may be used against you,

but into the future, somebody might come up with a new idea

for this data in some kind of scheme.

When it's stolen, it's out there,

and it's not going to go away.

This question is from kaleighconners.

Why are hospitals more vulnerable to cyber threats?

So, hospitals are highly regulated.

They are using machines that are very complex,

used for medical procedures,

and as a result, you can't update the software very often.

Because security patches are not being deployed

as quickly as maybe your phone might receive them,

hospitals oftentimes have cybersecurity threats

that are unique to them.

Unfortunately, in addition

to hospitals being more vulnerable,

the consequences are worse when the hospitals get hacked.

There are people that have had their treatments delayed

or may have died

because they couldn't get treatment in a hospital

because of a hack.

The cybersecurity situation with hospitals

I feel is getting worse over the years.

Cybercriminal gangs have deliberately targeted them

more than they used to.

The police will often prioritize attacks against hospitals,

and any cybercriminals that are engaged

in that kind of activity often get arrested more quickly.

This question is from SakuraMikuuu.

Is it possible to hack someone through Wi-Fi?

If this Wi-Fi is in your home

and nobody else has access to your devices,

you can be a lot more confident in it.

If you're on a public Wi-Fi at a coffee shop

and there's all kinds of unknown people

also on the same Wi-Fi,

there's a little bit more risk.

Now, one thing to keep in mind

is the situation is a lot better than it used to be.

The typical machine that you're going to use

will detect tampering and refuse to even operate.

Now that said,

there's a lot of innovative, advanced attacks out there.

I can't guarantee

that you're gonna be totally safe on public Wi-Fi,

but nowadays, when cybercriminals are attacking victims,

they're using some kind of scheme

where they can affect thousands of victims,

and that just doesn't involve public Wi-Fi.

So a Quora user asks,

Could cyber terrorists be as dangerous

as the gun-wielding terrorists,

or are they just a bunch of geeks?

So the answer is, why not both?

One thing to keep in mind about the internet,

people are conditioned to not take it seriously,

but the problem is that the internet allows you

to connect globally with anybody.

So a bad actor can connect with millions of people.

If they did that with malicious intent,

that could cause harm

against millions of people across the world.

And there are gangs operating nowadays

that are using the internet to commit violence

and to mass recruit people into committing violence.

And this is something

that governments are taking very seriously,

and I think the general public should also take seriously.

So this question is from ZeroEdge_io.

Friend asks, What do hackers actually do?

Me says, 70% Googling, 20% reading documentation,

10% looking cool in terminal.

When I'm answering this question

of what do hackers actually do,

I'm trying to describe the non-criminal version of hackers.

The term hacker is a bit confusing and controversial.

People use the same term to mean two very different things.

On one hand, hacker can be used to describe a cybercriminal

where they are abusing computers in order to abuse people.

Another way that people use the term hacking

is to describe a non-criminal person

just exploring what their computer is capable of doing,

figuring out neat technical tricks that nobody else knows.

So a common way that people may engage in hacking

that is fun and non-criminal

is when kids are cheating at video games.

And I don't mean downloading cheats that someone else wrote.

I mean manipulating the memory in your computer,

maybe changing the files on your own computer,

just exploring for yourself.

This is the kind of exploration

that children commonly engage in

that could be considered hacking.

But if there's no victim,

it may be a safe activity to engage in.

Now, if you're a kid watching this,

double check with an adult,

don't just run off and do something crazy

and say that I told you to do it.

A question by Swings_Subliminals.

The line between script kiddie and hacker???

Script kiddie is basically an insult.

It's used to describe people

that don't understand the systems that they're exploiting.

They don't know how to read or understand code,

but they will download exploits from the internet

and try to hack just by pressing a button.

Just because someone's described as a script kiddie

doesn't mean they're not capable of doing a lot of damage.

The term hacker is a little bit controversial.

It's used by people to describe cybercriminals

that hack illegally into computers.

It's also used to describe people

that work in the cybersecurity industry

who do not break the law,

but figure out innovative, clever ways to use computers

that wasn't anticipated,

and use those skills to make the world more secure.

This question is from ZanzerFineSuits.

How do companies know that hackers stole data?

And the person says, It's not like the data disappears,

like if someone steals your car.

They just copy it.

How does any company know

what data was actually stolen, if any?

So there's a lot of different ways

that companies know about this.

Oftentimes with the extortion groups

that are operating right now,

they will just tell the company that they stole the data.

That will also come inside of a ransom note

where they are threatening the company and demanding money.

Oftentimes with these extortion groups,

they actually do delete the company's

copy of the data as well.

When they're operating these schemes,

they've realized that they can make more money

by destroying the company on the way out.

This question is from Intelligent-Way1288.

At what point is hacking considered illegal?

So there is a law called the Computer Fraud and Abuse Act.

It was passed in the 1980s.

It defines what is illegal computer hacking versus not.

And when police are trying to determine

if a certain behavior is illegal or not,

usually the metric they go by is whether or not

the behavior is destroying someone else's property,

stealing someone else's money, causing harm to a person.

If you wanna experiment with computers

and do weird things that may break a computer,

do it to your own computer.

Just in general, don't be a bad person on the internet,

and that significantly reduces your risk.

This question comes from 747269737616E.

What's happening when two countries

launch cyberattacks on one another?

So launching a cyberattack

is not quite the same as launching a missile.

It very much depends on the situation.

One thing that we've seen in recent conflicts

is cyberattacks that may be done

in conjunction with a physical attack.

So it may enhance a physical attack.

So for example, traffic cameras in a city may be hacked,

and the hackers working for the nation state

may be monitoring the cameras

to see what kind of activity is happening on the street.

That knowledge may be used to inform missile strikes

or an invasion of people.

This is often how we see cyberattacks play out

in real-world conflicts.

This is from the privacy subreddit.

Why do police and governments

have so much trouble getting into iPhones?

They have a lot of trouble getting into iPhones

because iPhones were designed

to make it very difficult to get into.

It's as simple as that.

Different products available to the consumer

have different design features, different selling points,

and the people that want to buy an iPhone

often wanna have a phone

that's more locked down and more secure.

The people that wanna buy

other competitor phones like Android,

they may be more interested in the freedom

to do what they want on their phone.

Now, there's trade-offs with that.

If you wanna do creative, unusual things with your phone,

that opens up functionality

that could also be used by governments and police

to break into your phone and pull out your encrypted data.

Do you wanna have a more secure, locked down machine

that you can't do a lot with?

Or do you wanna have a machine you can do a lot with?

But there are security risks associated

with those abilities.

It's up to you.

So this question comes from BadKarma-18.

People who work in cybersecurity or are hackers themselves,

how do data breaches happen?

Most of the time it's because some criminal actor

figured out an exploit that the company didn't fix yet,

or perhaps tricked an employee into providing a credential

or stealing a credential from an employee

and then abusing the employee's access to steal data.

The answer to this question changes a lot over time.

There is a constant discovery

of new mechanisms to steal data,

and companies are constantly fixing all of these exploits.

So this question is from hr9383.

How does law enforcement track down cybercriminals

who use public Wi-Fi and VPNs to commit illegal activities?

So nowadays, when it comes to catching cybercriminals,

VPNs, public Wi-Fi,

it's not actually a barrier to catching them.

Catching them involves waiting for them to make a mistake.

Cybercriminals love to brag. They love to show off.

There's a lot of footprints they leave behind

that may not necessarily be contained

within their encrypted devices.

And oftentimes when cybercriminals get caught,

it's because of something

that has nothing to do with encryption or data protection.

Every case is unique

when it comes to catching cybercriminals,

and it's often a battle of wits.

It's quite interesting work, honestly.

So this question is from dumbgirlbrooke.

So how do VPNs work?

It's like using a proxy.

So say you have a message that you wanna send to a website,

but you don't wanna be the one actually sending it.

You may pass that message to someone else's machine,

say, operated by a VPN company,

and then that machine will pass that message to the website.

So a VPN is a way to hide your IP address online.

And the way that it accomplishes that

is that you're using someone else's IP address instead.

Now, there's a lot of advertisements

that are gonna tell you this is how you get more secure,

but unfortunately, VPNs also increase risk as well.

When you're sending all of your traffic

through someone else's machine

so that you can use their IP address instead of yours,

that other person's machine may be looking at your traffic,

they may be hacked, they may have other issues.

So as you are making your cybersecurity choices,

you need to weigh all these different risks

against each other.

So this question is from Malwarebeasts.

Did shutting down cybercrime forums

like RaidForums and BreachForums

reduce crime or just scatter it?

So the answer to that is both.

Cybercrime is something that's not gonna be solved,

just like regular crime in society, but it can be reduced.

And the actual strategy of fighting cybercrime

is one where you need to both suppress it,

arrest bad actors,

shut down infrastructure where bad actors are congregating,

and scattering them is a positive step forward.

Reducing cybercrime is also a positive step forward,

and all of these different tactics

are part of a larger strategy of fighting cybercrime.

That's all for today. Hope you learned something.

Stay safe out there,

and thanks for watching Cybersecurity Support.