(KYTX) - The security firm that discovered a massive Russian cyber attack says the one point two billion people hacked are still vulnerable. Local experts in East Texas say we as online users could be doing more to stop attacks like this.
It's the biggest hack we've seen yet, executed by a Russian cyber gang, that injected malicious code into at least 420,000 websites to gather your personal data.
"Users contributed a lot to what happened today," says UT Tyler Computer Science Assistant Professor Nary Subramanian. He says as hackers and technology get more advanced, our passwords should too.
"Very simple passwords take modern machines a few seconds to hack," he says.
We need to step it up and use uppercase, lowercase, numbers and symbols in all our passwords. Having trouble coming up with one? here's an example:
"Use what we call a pass phrase or anagram password. This is a simple phrase. It says, 'I am 24 years old!' From this pass phrase I can generate this password, "I@24yo!" which has uppercase, lowercase, numbers, and symbols," Professor Subramanian explains.
Also, don't be that person who uses the same password for many different websites. That's just making it easy for hackers.
"Likewise, they should keep changing passwords as frequently as possible. I know it's not something people like to hear but it's good to have passwords changed at least once in 3 months," Subramanian says.
These hackers took advantage of user passwords, but they also took advantage of poor website design, or websites with little security. So if you're a business owner with a website, the professor says to hire a security consultant who can run tests to see where your website's weaknesses are.
You may have to shell out a little money, but is skipping that worth compromising your business and all you customers? Probably not.
Experts say it probably took these hackers months if not years to collect all this data and put this cyber attack together. Taking action now means you'll be much safer for the next attack.
If you think you've been a victim of this cyber attack, go to HoldSecurity.com and register to see whether your email address is one of those compromised. That company is the one who uncovered this huge cyber attack.
If your information has been compromised, you should also call the websites your information was stolen from to let them know.