How Self-Published Authors Can Prevent Being Hacked
How To Not Get Hacked: In this article, I explain some simple techniques self-published authors can deploy to protect themselves from hackers and data piracy.
This past week we heard of massive cyber-attacks impacting many countries including Australia. These cyber-attacks are becoming more commonplace and the damage caused is growing exponentially. The fact is, if you’re using the internet there is a very high probability that you have been exposed and some of your sensitive data has been stolen.
So Who’s Behind This?
There are three main types of cyber-attackers:
- Cyber Vandals: Typically young kids (mostly male) who get a kick out of hacking into people’s accounts. They may earn some pocket money by selling your data on the “dark web”.
- Criminal Gangs: Organised gangs of hackers and scammers who look to make money from selling your data, stealing directly from your accounts or they may use the data to scam you out of your money using a host of blackmail or ransomware exercises.
- State Sponsored Attackers: These are Government sponsored groups that are looking to steal money, intellectual property, influence elections or disrupt the processes of foreign Governments. These are the most sophisticated, the most damaging and potentially the hardest to guard against. They like to target Government Agencies, big companies, banks and utilities.
What is the “Dark Web”
The Dark Web is a clandestine form of the internet. It is used for illegal activities such as illegal trade, forums, and media exchange for pedophiles and terrorists. It requires specialist software to access and as such is the playground of criminals and “internet geeks”.
The Importance of Backups
You perform regular backups don’t you? Backups won’t prevent a data breach however they are good practice and may be needed if a breach occurs within your personal computing environment. Originally backups were performed to protect against data loss in case your computer was lost, stolen or malfunctioned. Today they are also a necessary component for recovering from data theft.
With today’s internet it is very easy to set your computer to automatically backup to the “cloud” giving you offsite storage protection. Within Intertype we use this approach as well as constant back up to internal hard disk storage devices to give the ultimate in backup security. For the self-published author either approach is very low cost and can be automated.
Has Your Data Been Compromised?
Yes is the simple answer. The problem is that most people are totally unaware of the breach.
There are two avenues that the pirates can use to break into your data:
- Directly into your computer. They may try to access your email account or go straight into your device from your login screen.
- More often the breach occurs via third party applications. So far in 2020 data losses have occurred across over 150 large companies many of which are used by self-published authors. The applications include Yahoo, LinkedIn, Adobe, Facebook, Dropbox, Twitter and Canva.
Prevention is The best Form of Defense
There are a few simple things that authors can do to prevent the data pirates from seriously disrupting your life.
-
- Identify At Risk Accounts: Some accounts such as banking are higher risk than others and it’s worth knowing the ones you have to be extra careful with.
- Make a list of the online accounts that you use such as banks, government, telecoms, pay TV etc. When I first did this exercise I was shocked to see I had over 80 accounts, many of which I no longer use.
- Highlight those accounts that contain very sensitive data that will cause you a lot of grief if they are compromised. Think banks, superannuation funds, Government etc
- Highlight those that may hold any credit card or bank account details.
- Highlight those of big global corporations or Government Agencies. Think Facebook, Twitter etc
- Close Accounts: The quickest and easiest way to minimize the risk is to close accounts that you no longer use. Be careful however, as simply logging on and closing may not necessarily remove any of your data they may hold.Here is a little trick I use that works especially well with accounts of global companies. These companies generally have to comply with all the data protection regulations that operate in most parts of the World. GDPR (Google it if you must know) is one of the strictest and provides for the “forgetting” of information. Update the following text with your details and email to the “support” team within the account. Within days your data should be wiped from their systems.
Hi, please delete my account and any data you store about me. I appreciate your help.
• Erase my personal data according to Article 15 GDPR. I meet the requirements of data removal requests set forth in Article 17(1) GDPR.
• If I consented to the processing of my personal data (e.g. according to Article 6(1) or Article 9(2) GDPR), I hereby withdraw my consent, I no longer want my data stored or processed by your organization.Here’s the information you’ll need to identify my account:
* [your name used to set up the account]
* [your email address used to set up the account]
Sincerely,
[your name] - Set Up Two Factor Authentication: Bigger companies and high risk applications are increasingly using two factor authentication as a means of improving security. This approach typically involves a unique code being sent to your mobile phone as part of the login procedure.
- Change Your Passwords: Chances are, your passwords are easily compromised. It’s a common issue and one that is easily fixed.The account risk assessment you performed earlier will help you prioritise the accounts to work on. My favoured approach is to change the passwords of high risk accounts every month and ensure they are different for each account. For low risk accounts I change the passwords twice a year at the start and end of daylight saving.The hardest parts of password management is the creation of secure passwords and then remembering what they are. I use two tools to help with this.
- Google Chrome has a password management application that remembers online passwords making it easy to login as required.
- Password Management Applications: There are a few of these low cost tools available. I use LastPass which I’ve found simple to use but there are others you can check out. LastPass generates complex and secure passwords, remembers them and populates the password field within logon pages.
- Identify At Risk Accounts: Some accounts such as banking are higher risk than others and it’s worth knowing the ones you have to be extra careful with.
Check Your Data
I find it useful to run scans across the dark web to identify if my details have been placed there for the pirates to access. There are a number of scanning services available and I use one offered as an additional service by brandyourself.com . This process has identified that my data has been placed on the dark web 17 times since 2012 and notifies me immediately when a new breach has been found. As I have good password management processes I only need to update one password to maintain my data confidentiality.
Key Takeaways for protecting yourself from data pirates are:
- Backups are a key recovery tool
- You can be assured that your data has already been compromised
- Securing your data is a simple process that only requires a little discipline
I know, self-publishing can seem daunting but it doesn’t have to be. In coming episodes, I’ll be exploring the simple, no BS and fast approach to becoming a successful author.
Finally, I want to leave you with one piece of advice:
Data security is simple and a low cost process all self-published authors need to have in place. Data security is a global issue that Governments are powerless to control so it’s your responsibility to put in place the protocols to minimise the risk and prevent loss.