How To Get Hacked:

A Quintessential Guide

Managed Services

Life’s a breach!  That’s not a typo, these days too many folks are setting themselves up for disaster – even with all the reports of someone else or another company that has been hacked.  If you want to be counted in that number, there are a number of sure-fire ways you can be an enabler!  All it takes is making a practice of following bad habits, making bad decisions, and generally ignoring telltale signs.

As I sit writing this guide, we are entering the Christmas season.  A time when nobody thinks twice about the jolly old elf bypassing our security by entering our fortresses through the chimney.  Reports abound of delivered packages being stolen off of doorsteps, yet on Cyber Monday, US shoppers broke another e-commerce record by rackung up a total of 9.4 billion in online sales.

There are 2.3 billion people worldwide with social media accounts, and it seems every time I turn around, I get a warning from someone else who’s account has been hacked.  A warning to all the Who’s in Whoville, there are a lot of Grinches out there that are alive and well, with hearts that are more than 2 sizes too small and are hard at work to steal more than just Christmas.  And if you don’t change the bad habits, and continue making bad decisions, guess what?  You get hacked again!  How many times does a child have to stick their finger in a light socket before they figure it out?  Once, right?  But, warnings of how to keep yourself and your personal data safe have just become white noise, and many have turned a deaf ear.  So, for those of you who are not inclined to heed the warnings, I have prepared a guide listing several practices to guarantee that you will indeed get hacked.

The Nutcracker doll has its roots as a symbol of protection in late-17th century Germany.  They were made as gifts, alongside toys and puzzles and were thought to be lucky. They were usually the lever type and came as a pair in the form of a soldier, knight, or king.  The dolls were complicated puzzles of engineering, sometimes including up to 130 individual parts. The design was perfected in the Erzgebirge region near the Ore mountains in the late 17th century.  The Steinbach family made their fortune mining, but their legacy is in nutcrackers.  They sold the festive dolls at Christmas markets around Germany, but as it was unusual for a household to have more than one nutcracker, they eventually began to expand their sales strategy to include outside of Germany in the early 19th century.

According to German folklore, nutcrackers bring good luck to your family and protect your home. A nutcracker is said to represent power and strength, serving somewhat like a watchdog guarding your family against danger. A nutcracker bares its teeth to evil spirits and serves as a messenger of good luck and goodwill.  Today, the most popular Nutcracker remains the wooden nutcracker doll presented in the ballet as a Christmas gift to Clara.  Dressed as a soldier, it is crushed by Clara’s jealous brother, Fritz.  It is gently tucked under the Christmas tree on Christmas Eve, coming to life at the stroke of midnight.  As Clara awakens, the house, the tree, and the toys seem to be getting larger.  Out of nowhere, large mice dressed in army uniforms, led by their Mouse King, begin to circle the room while the toys and Christmas tree come to life.  Clara’s nutcracker groups the soldier toys into battle formation and fights the mouse army.  There are many different versions of the story, you get the idea.

But who’s kidding who?  You aren’t looking for protection, you actually want to get hacked.  So here are sure-fire ways to get hacked.

This list is not all-inclusive of procedures to ensure getting hacked, but these are sure to put you on the high-track for falling prey to hackers:

  1. One sure way to get hacked is to make your password as easy as possible to remember. After all, you certainly don’t want to forget it, and it’s a hassle to make it too complicated to type, right?
    • Hackers and criminals are too dumb to figure out short, easy to associate, easy to guess passwords.
    • Don’t even consider password lengths of up to 12 characters or more – too much typing.
    • Don’t use passphrases or groups of unassociated words – Those will be too hard to remember.
    • Don’t mix in all the character types, you certainly won’t remember those.
    • Use your name or birthdate, those will certainly be easy for you to remember.
    • Make sure to enthusiastically click “YES”, when asked if you want your password to be remembered. Then you don’t have to worry about remembering it.
  2. Never, ever change your password.
    • That way you don’t have to remember a new one.
    • You aren’t even tasked with generating a new one. Who wants to hassle with that?
  3. In order to remember your password: Write. It. Down.  You may be starting to accumulate a number of them and you want to keep track of them.
    • Post it on your monitor, or better yet, under your keyboard – no one would ever think to look there.
    • Don’t use a password manager, such as Keepass or LastPass to keep track, they’re too hard to manage.
  4. Share your password – hey, the more the merrier.
    • Someone will surely help you remember it.
    • No one would ever dare to do something illegal, unethical, or embarrassing while logged in to your account as you.
  5. Do not use 2 Factor Authentication, that’s just another headache and major source of frustration.
    • It will make logging in such a hassle.
    • It’s not like your account receives any logon attempts from places like Armenia, Russia, and the Czech Republic.
  6. Use applicable and accurate security questions and answers when prompted as you create your profiles.
    • Again, random characters are too hard to remember, don’t substitute them for a real answer.
    • Don’t be a brother from another mother and pick a new mom for her maiden name. Your own mother would be heartbroken.
    • Use your own real birthplace as it’s not easy for a nasty to look up.
    • Use your real anniversary date or place you were married, because if you answer those questions incorrectly, well, … see item 6b – there will be blood.
    • Be proud! Use your old elementary school, high school or college mascot, you’ve never shared any of that information anywhere, so who would know?
    • The list goes on and on. Always supply accurate information so you won’t forget.   Records are kept on almost all life detail, even the most obscure, so you can even go look it up – but don’t worry, hackers don’t have the resources to do that.
  7. Take a lot of personality tests on social media, they’re a lot fun! You can rest assured that nobody will be able to harvest your information to be bought, sold, or stolen.
    • Nobody would possible be able to use your information to profile you or your friends.
    • Something as simple as your likes and dislikes could never be used for targeting ads or for political gain.
    • Divulging personal information on a medical-themed quiz is harmless, they’re covered under health and privacy laws just like your hospital or doctor, right? Maaaaah!  Wrong answer.  They’re usually not, and after all, you do want that information to be public knowledge, don’t you?
    • This item goes hand-in-hand with item 6, always try to tie the 2 together. Nobody could possibly put 2 and 2 together when these quizzes ask similar questions as a security question on one of your profiles or accounts.  And the answers have to be true and correct on both so you can get an accurate reading.

It really comes down to making sure any information you provide for the items in this list should be searchable.  If you really want to get hacked, making it easy for the Wet Bandits or the Sticky Bandits, or whatever you want to call the bad guys, is essential.  There are a lot of Grinches out there, and know this, they really, really, really are out to get you.  Why fight it, eh?

In the Nutcracker ballet, as the clock strikes midnight strange things begin to happen.  Clara awakens as the house, the tree, and the toys seem to be getting larger.  The toys around the tree come to life while the room fills with an army of mice, led by the fierce Mouse King.  As the Nutcracker awakens, he leads his army of toy soldiers into battle with the mice.  The Mouse King corners the Nutcracker and battles army can go on no longer and are captured by the mice and their King.  Clara makes a final daring charge, throwing her slipper at the Mouse King, hitting him square on the head.  The Mouse King drops to the floor and the mice run away, carrying off their leader’s lifeless body.  The moral here is that even if you use an army of Nutcrackers for security, you will also be required to do your part – unless you really do want to get hacked.

If today’s technology had been available at that first Christmas, Joseph could have posted pictures of the Christ-child on his social media account to share with the shepherds, there would ‘ve been no need for them to receive on onsite visit by a heavenly choir.  Rather than navigating by following a star, those three wise guys: Balthasar of Arabia, Melchior of Persia, and Gaspar of India could have used their GPS.  Of course, you can bet old King Herod would’ve had the royal hackers hard at work too.  Goes with the technology territory.

So, go ahead and follow this guide to a T, and I can almost guarantee your information will be low hanging fruit to an evil, ever-persistent Rat King.  It just might be a good idea to keep a brick handy and slide it into your slipper before you let it fly!

Recently from Rattan - Subscribe to get insight direct to your inbox.

 Enterprise-Level CyberSecurity for All Businesses

Let our professional team of system engineers and network administrators ensure your company’s cybersecurity through our managed services offering.  Start the conversation by completing the form below or give us a call at 405.810.8005.

    Recent Posts

    About The Author

    Donny Hilbern is a network and systems consultant specializing in analyzing, designing, and implementing network and enterprise systems.  Donny has been working in the IT field for over 25 years, with nearly 20 years of that time invested in network and system administration and infrastructure technology.  He has experienced a number of undocumented or lightly documented issues during that time.  His desire is to leverage that experience in sharing about some of those issues and how they were resolved to make IT work for his clients.

    Recently from Rattan - Subscribe to get insight direct to your inbox.

    How can we help?

    Contact us to discuss your needs and perhaps schedule a meeting.