“My account has been hacked!”
It’s probably not the first time that you’ve heard those words, but what exactly does it mean for your account to be hacked? I’m not referring to cases where your ex guessed your password and snooped through your emails. Authentication attacks are done by machines, not a person behind a computer guessing passwords. So what exactly are authentication attacks, and are the consequences even worth thinking about?
Identification and Authentication
Before we get into authentication attacks, it helps to understand the concepts of identification and authentication. Nowadays, almost everything you do online, whether it’s browsing Reddit or shopping on Amazon, encourages you to create a user account. These user accounts are the target of authentication attacks, and some of them, such as your email account or online bank account, potentially have more value than others.
Identify yourself! Are you somebody I know?
Identification refers to the process of stating who you are. For example, a login screen will prompt you for a username, and entering your username is a way of stating who you are. If the username exists, the system is able to identify the user account associated with it. Essentially, you are stating your identity with the username.
How do I know you’re who you say you are? Tell me something only you would know!
Authentication refers to the way you prove your identity. Just stating your name isn’t enough to prove who you are. You certainly can’t go to the bank with just a name and come out with a pocket full of cash. You prove your identity by offering something only you would know or have. In most online cases this would be a password. When you create your account you are required to provide a username and password (aka your credentials). Providing your credentials the next time you visit implies that you are the owner, or have some level of relationship with the person who created the account, allowing you to authenticate.
Authentication Attacks
Authentication attacks attempt to guess valid username and password combinations. A basic form of authentication attack, the brute-force attack, tries to gain access to an account by attempting random passwords. Threat actors use programs to automate this process, and can attempt to guess your password thousands of times a day.
How do you know if your account is being attacked?
Unfortunately, not every system has a good defense against authentication attacks. However, here are some common indicators that can help you identify whether your account is at risk.
I’m locked out of my account
Some systems have mechanisms that kick in when too many wrong passwords are attempted on a user account. One of these mechanisms is to not allow further password attempts for a period of time. If you find that you are locked out of logging in to your account, this could be the reason why.
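To make the lockout mechanism concrete, here is an added example (not code from any particular product) of a temporary lockout applied to a constructed series of login attempts. The thresholds, class name and sample events are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

# Policy values are assumptions for illustration, not taken from any real system.
MAX_FAILURES = 5        # wrong passwords tolerated ...
WINDOW_SECONDS = 300    # ... inside this sliding window
LOCKOUT_SECONDS = 900   # how long further attempts are refused


class LockoutTracker:
    def __init__(self):
        self._failures = defaultdict(deque)  # username -> times of recent failures
        self._locked_until = {}              # username -> time the lock expires

    def record_attempt(self, user, success, now):
        """Return 'locked', 'ok' or 'failed' for one login attempt at time `now`."""
        if now < self._locked_until.get(user, 0):
            return "locked"  # refused before the password is even considered
        recent = self._failures[user]
        # Forget failures that have aged out of the sliding window.
        while recent and now - recent[0] > WINDOW_SECONDS:
            recent.popleft()
        if success:
            recent.clear()
            return "ok"
        recent.append(now)
        if len(recent) >= MAX_FAILURES:
            self._locked_until[user] = now + LOCKOUT_SECONDS
            recent.clear()
            return "locked"
        return "failed"


def replay(events):
    """Feed (seconds, username, password_was_correct) events through one tracker."""
    tracker = LockoutTracker()
    return [tracker.record_attempt(user, ok, t) for t, user, ok in events]


# Constructed sample: automated guessing against "alice", then the real owner.
SAMPLE_EVENTS = [
    (0, "alice", False), (10, "alice", False), (20, "alice", False),
    (30, "alice", False), (40, "alice", False),  # fifth failure triggers the lock
    (45, "bob", True),                           # other accounts are unaffected
    (60, "alice", True),                         # correct password, still refused
    (1000, "alice", True),                       # lock has expired
]

if __name__ == "__main__":
    print(replay(SAMPLE_EVENTS))
```

The seventh event is the situation described above: the owner enters the correct password but is refused, because someone else's failed guesses locked the account.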
I got an email saying someone tried to log into my account
There are systems that have a way to distinguish ‘normal’ login activity from ‘abnormal’ activity. For example, if you usually log in from the USA and on that same day a machine located in Russia tries to log in to your account, you might get an email alert. Truth be told, nowadays these types of email are almost always spam, especially if they ask you to log in through a link…
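As an added illustration (not taken from any real service), the sketch below shows one simple way a system could separate ‘normal’ from ‘abnormal’ logins by country. The threshold, function name and sample events are assumptions; real services combine many more signals.

```python
from collections import Counter, defaultdict

# Assumption: a country counts as "usual" after this many successful logins.
MIN_SEEN = 3


def unusual_logins(events):
    """Return (day, user, country) for each attempt that should raise an alert.

    `events` is an iterable of (day, user, country, success) in time order.
    """
    history = defaultdict(Counter)  # user -> country -> successful logins
    alerts = []
    for day, user, country, success in events:
        seen = history[user]
        usual = {c for c, n in seen.items() if n >= MIN_SEEN}
        # Alert only once a baseline exists; otherwise every new account alerts.
        if usual and country not in usual:
            alerts.append((day, user, country))
        # Only successful logins shape the baseline, so repeated failed
        # guesses from a new country never start to look "normal".
        if success:
            seen[country] += 1
    return alerts


# Constructed sample events: (day, user, country, success)
SAMPLE_LOGINS = [
    (1, "alice", "US", True), (2, "alice", "US", True), (3, "alice", "US", True),
    (4, "alice", "US", True),
    (4, "alice", "RU", False),  # same day, different country: alert
    (5, "alice", "RU", False),  # still not usual, because it never succeeded
    (6, "alice", "CA", True),   # the owner travelling also raises an alert
    (1, "bob", "DE", True),     # no baseline yet, so no alert
]

if __name__ == "__main__":
    for alert in unusual_logins(SAMPLE_LOGINS):
        print("alert:", alert)
```

The alert for day 6 shows why a genuine notification of this kind is not proof of an attack: a legitimate login from a new place looks the same to this check.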
My password no longer works
If you know for sure you’re entering the correct password, but it no longer works, that could mean somebody has accessed your account and changed your password. You should immediately try to claim your account back, either through the ‘I forgot my password’ tool or by contacting support for that application.
It’s just an Account, what’s the WORST that can happen?
Not being diligent with your online security, especially when it comes to your accounts on various platforms, could potentially damage your public reputation as well as your finances.
Getting social media accounts such as your Facebook, Twitter, or Instagram accounts hacked could damage the public perception of you. Quite commonly, these compromised accounts are used to ask for money/donations. Attackers can also leverage the trust of your friends and family to get them to give up private information or infect them with malware.
The consequences of getting your bank account compromised are obvious, as they are for any other account that has your banking information saved (e.g. Amazon, eBay, PayPal, various gaming platforms). What might not be so obvious is that these accounts are typically tied to another recovery account: the account that is used to prove your identity should you happen to forget your password. Yes, your email account. For many people, their email account is tied to many other accounts, such as social media, school, and banking. If your email account gets compromised, everything linked to it is put at risk.
Authentication attacks are a silent, but growing threat in today’s online landscape. Not many people are aware of the threat, and even fewer comprehend the drastic consequences. We have the foolish notion that we are anonymous behind the smartphone or computer, and that we can simply turn it off to avoid any danger. The reality is that our lives are slowly but surely becoming more integrated online; being attacked online is becoming as real as being attacked in the world.