Clyde heard about the Jeep that got hacked and worries that it could happen to his car since he connects his phone to the car with USB. Leo says that simply connecting the phone to the car stereo isn't sufficient for this. The Jeep hack involved using the car's built-in 3G access. The real flaw is that the entertainment unit of the car and the computer running the car (braking, ignition, etc), are not physically separated. They are connected in many cars through the CamBus, or internal car network.
The computer network of the US Government Office of Personnel Management was hacked by what the FBI calls "Chinese hackers." OPM carries details on the records of every single government employee, including security levels and personal information. And there's millions at risk. Leo's not so sure that China is at fault here, although China does have a very active and robust cyber espionage group. What Leo sees here is blackmail material, based on the clearance database.
If you've had your email account hacked, then it may be time to take further security measures to keep it from happening in the future. Here are some simple steps you can take right now to better secure your account:
- Change your account password
Tim had AT&T and then changed carriers. He wants to know if he can use the AT&T Microcell/FemtoCell with his new carrier. Leo says probably not. It's likely locked to AT&T. All carriers offer them, however, and there's a good chance they are the same. There may be a way to hack it.
Elizabeth got an email from her friend that included suspicious links, and she's wondering if his email account was spoofed. She looked in the header, but didn't see anything. How can she find out if it was spoofed? Leo says the tale is the CCs. They would only be able to put so many addresses in a field, and if they are using multiple fields, then she'll know the person has cracked the account. Yahoo has always had security issues. So the account has been hacked and there's all kinds of ways to do it. First thing to do is change the password, and make it a difficult one.
In the latest "Pwn2Own" hacking competition, a Korean hacker was able to crack secured versions of all the latest browsers. He not only took home a quarter million dollars, but also the laptops that the browsers and operating systems were installed on. Leo says that all these hackers save up exploits all year long in order to Pwn2Own. And a lone security researcher was able to own IE11, Chrome, and Safari, and he took the whole thing. All the browsers were 64 bit too. This was the largest payout in the history of the competition.
Calling it the first example of state sponsored Cyber Warfare, the FBI says that North Korea was behind the Sony Hack that prompted the studio to drop The Interview from it's release schedule. Leo's not buying it, though. First off, the US has been doing Cyber Warfare for years, as did Israel with the Stuxnet virus that broke centrifuges in Iran's Nuclear program. So it's far from the first.
Leo called in and said his work computer got a virus. Everytime people log onto his website now, they get that FBI symbol. Leo says that hacking websites is the number one way hackers can get onto home computers. It's possible that his work website has been hacked because it isn't up to date and has security vulnerabilities.
NBC's Richard Engle did a story that mobile phones and computers were hacked the second people arrived in Russia for the Olympic Games. Leo says that the NBC story was completely false, and had been faked to get the audience looking at Russia in a particular way. Leo says that they would get hacked if the reporter deliberately went to a malicious site and downloaded the software that would infect the computer or mobile phone. Engle was a thousand miles away in Moscow when he did it.
There's a report that someone sitting at your Mac can fiddle with the clock in OS X and gain access to your system. Leo says that having physical access to a computer can create a lot of security issues. It's something to be concerned about if you're going to lunch and leaving your computer open, but 99.99% of the time, this is much ado about nothing. Just create a screen saver password that's really good, and you're golden. Even better, turn on full disc encryption (called "file vault" on the Mac) and everything is safe until you log in.