TRITON Magazine Winter 2018 | Page 18

THE RECORD

OUTHACKING THE HACKERS

BY IOANA PATRINGENARU
Stefan Savage, UC San Diego professor of computer science, Jacobs School of Engineering
This fall, UC San Diego computer science professor Stefan Savage began receiving calls from a strange number in Chicago. As a cybersecurity expert who often targets hackers, Savage was wary, but he soon learned it was the MacArthur Foundation, awarding him the fellowship commonly known as a “genius” award. Here, he gives his insights on the future of cybersecurity and advice on how we can keep ourselves cybersafe.
Let’s get right to what people want to know: What’s the best way to protect our personal data?
There are a few things I recommend everyone consider. First, make sure you do regular backups of your computer. This is really the best defense against ransomware. Second, since the most common vector for account hijacking is via password reuse, it is best to have distinct passwords for each site (and no, having one password with the sitename appended doesn’t count). The easiest way to do this is to get a third-party password manager program to do it for you, and then just have one complex password for the password manager. Third, for important sites like your principal email site and for banking and major e-commerce sites, enable two-factor authentication if they have it. This means that even if your password is stolen, thieves won’t be able to log in to your site. Finally, be suspicious of any message or email you receive that sounds too good or too bad — scammers like to send messages that heighten our emotions so we don’t think rationally.
What about massive data breaches like Equifax? What can we do about those?
Sadly, I think the herd has already left this particular barn … it has been easy for scammers to get your Social Security number data for quite some time. There are limits to what you can do here, but I encourage people to avail themselves of their annual free credit report and check it for errors. Second, you can freeze your credit at all three credit agencies, which will make it difficult for someone to open a new line of credit in your name (note that you’ll need to unfreeze your report when you want to get a new credit card or mortgage, so plan accordingly).
What got you interested in the field of cybersecurity in the first place?
It was a bit of an accident. I had been doing network measurement work, and I needed help from people around the internet to measure traffic both from my computer to them and back from them to my computer. That doesn’t scale well, so I found myself wondering if the underlying network protocols could be manipulated to convince the other side to do the measurement for me (i.e., without needing a friend). That this was possible opened my eyes to how much of the existing internet depends on everyone following norms of what is “supposed to”