And hello Mr Putin, if you’re reading this.
I don’t mean if he’s subscribed to my emails. I’m pretty sure he hasn’t. I’ve got lots of readers in the UK, quite a few in Australia (g’day!), Spain (Hola!), France (Bon jour!) and the USA (howdy!). But not many in Russia.
But you might have heard about how the Russian government are apparently employing hackers to target computers and other tech equipment in Britain. And not just computers at big companies or government departments – ones belonging to ordinary people.
The headlines (as you might imagine) are pretty sensationalist… and not always quite on the money. So I thought it’d be a good idea to first explain what actually seems to be going on and then tell you what to do about it!
So what’s actually going on?
Well, the British and US governments have both said they believe the Russian government are deliberately trying to hack into equipment over here. In particular they’re targeting the routers – the devices you plug into the wall to provide your wifi.
And they’re really aiming at ordinary people’s routers, not ones belonging to organisations. Ones in big organisations tend to be harder to hack into, at least in theory. If you cast your mind back to the big attack the NHS suffered a year or so ago, their security was appalling (yours is almost certainly better than theirs was) – so it might not always be true.
But why routers? Why not mobile phones, PCs, or tablets?
Well, there are a few reasons. They’re often easier to attack, people don’t tend to notice when they have been hacked (so don’t sort it out) and most people have one, whether they have a PC or a tablet at home to use it.
But the main reasons is to do with what the hackers plan to do with the devices they’ve hacked.
You see, it’s not like when someone hacks your computer in order to get something from your computer. To watch you type in card details or whatever. The aim is to hack into these routers, gain some control over them, then let them sit there, working perfectly normally – for now.
Then in the future if they want to attack, say, the NHS or an airline or whatever, they can do it via these routers – by then they’d hope to have thousands under their control.
That means that the attack can’t easily be traced – or rather, when it’s traced it’s come from thousands of different routers in this country, which doesn’t help much.
It also means it’s harder to block – for example you can’t just block all access to the NHS computers from overseas, because the attack itself is coming from inside the UK.
Of course, we don’t know for certain they’d ever use these routers – it might be a precaution or a threat that doesn’t get used.
What can you do about it?
It’s still worth doing what you can. I don’t know exactly how these particular hackers are going about it but I’d bet they’re using the “car thief” approach.
You remember those locks you could get to put on your car steering wheel – usually in a bright orange colour so it was obvious your car had it? Anyone could have sawn through one with a hacksaw. But why would a car thief steal a car with one and give themselves the bother? They’d go for a car that didn’t have one.
It’s the same with hackers. They might be able to hack into a well defended device but in general they’ll go for the easy ones. So doing a few things to make it harder for a hacker can often protect your equipment pretty well.
There’s the basic stuff I bang on about a lot: make sure your computer has a security/anti-virus program and that it’s up to date. Don’t install random programs or apps from sources you don’t know. And on a tablet or smartphone, don’t set it to allow apps to be downloaded from unofficial sources unless you’re very sure you know what you’re doing.
(You probably already have it but if not, there’s a free short ebook I wrote about security here. It’s short so not in huge detail but well worth a read.)
If your router is being targeted, if it’s an old one that hasn’t had any updates in a while, it’s more likely to be attacked. If you have a router you were given when you signed up for broadband from Sky or BT (like the home hub) or whatever it’s likely it gets updates automatically, which is great. If not it might be worth doing the updates but this can be a bit tricky, so it might be worth asking a techie friend to check if your router’s firmware needs updating, rather than doing it yourself. (If you got instructions with the router that cover how to update it you could follow them – just take it step by step and it shouldn’t be too bad.)
So should you panic?
I don’t think so. For now at least, I don’t think it’ll make any great difference to most people’s experience of using the internet. And if they do carry out an attack using these routers, it might not work… and if it does it’ll be a bit like the attack on the NHS I mentioned earlier – a huge, expensive pain, but will get sorted relatively quickly. And in that case you’d have been affected whether or not you use the internet yourself, so you might as well have the benefits of using it.