|Is There a Bright Side To Being Hacked?|
According to theis NYT article, there is.
Is There a Bright Side To Being Hacked? [nytimes.com]
|Rather, what Anonymous has done, experts said at the big RSA computer security conference here last week, is raise the alarm about the unguarded state of corporate computer systems. |
By and large, the Anonymous break-ins take advantage of gaping computer holes and gullible human beings. The hackers ferret out weak passwords and take advantage of unencrypted e-mail stashes.
I'd rather say: There is a bright side to someone else being hacked.
Every hack I hear about keeps awareness high and keeps me constantly updating and adding new layers of security.
Yes, if my house hadn't been burglarized I would never have realized that I ought to have solid steel doors, motion detectors in every room and bars across all the windows. If not for that mid-air collision nobody would ever have learned how outdated the coroner's office is. If it hadn't been for the fire that flattened 30,000 acres including four schools, nobody would ever have known that...
Oh, never mind.
When some malicious code was introduced to the home page of one of my sites (FTP passwords stolen by a virus on my PC I think) I discovered that I no longer had the source code so I had to finally do that redesign that I had been putting off for the previous twelve months.
When my site was hacked, I realised that Google liked the #*$!o images better than the content I've spent 10 years creating...oh no wait, that's about 3 months in the future... ;)
Wild exaggerations aside, at least from my standpoint, heck yeah there's a bright side. It wakes people up. It's not so much that you need "steel doors and bars" but for crying out loud . . . lock your car, take your keys, don't leave your wallet sitting on the dash. That's a closer analogy. (I actually saw this browsing through channels last night and stopped on "World's Dumbest" for a minute - the one with bikini girls going through a parking lot checking cars. They found an open car and there were wallets left in it. Who does that? Same people as below.)
Last week a server got blacklisted due to a user CP password: domainname123. Come on folks, I warned you. You didn't listen, you wanted convenience, you wanted something easy to remember, and you passed it around to everyone you know like a rag doll, leaving it in every re:re:re: and Fwd:re:fwd. Are you listening now? I do believe you are.
A few years back I bitched and moaned about having to make a site PCI compliant. Struggled through it, and guess what? It's PCI compliant now, and I learned a LOT. Would have never done it if they hadn't started scanning.
I work with Wordpress sites daily. I usually get called in to clean up hacked up sites. :-) Harden Wordpress like they tell you to, and guess what? It doesn't get hacked again (at least, for a very long time anyway, or until the next vulnerability comes up.)
It's never easy, it's never convenient, I always wonder why people have to spend their time ruining someone else's day, and it always comes at the worst times, but it's always good because it forces you to learn what you feel like you should already know, and fix what should have been fixed in the first place.