The Russians are coming . . . the Russians are coming . . .

Listening to NPR today  it was hard to discern the real effect of the recent news that 1.5 billion consumers login information was hacked by a small group of Russian hackers. It seems that the information that was collected was redundant, or had been hacked before and that the information that was mined was for the purposes of getting email addresses to sell to potential buyers.

Be ready for a torrent of junk mail.

All that being said, it really is important to understand your vulnerable areas and what the true defense against the dark arts should be.

First of all there is a difference between owning a PC and owning a MAC.  PCs are more vulnerable and so you should have some type of store bought security system to help you (McAfee, Norton, etc). 

The following is paraphrased and comes from Askville:

Macs do not present targets of opportunity, due to a number of factors. For one, an exploit that will attack a PC will not attack a Mac, just as legit software that's written for a PC won't run on a Mac (without emulation).  So, it stands to reason that nobody is going to bother creating a virus or worm that will only affect 10 to 15 percent of all possible systems.  The numbers indicate that the pickings are better in PC Land.  

Another factor is that the largest number of compromised systems out there have been captured by "botnets," which are used for DDoS (Distributed Denial of Service) attacks and for propagating spam.  Low numbers once again make Macs undesirable targets for the people who operate these things. 

Finally, a majority of attacks are targeted against business users, where Macs have effectively no penetration.  Please be sure to understand that Macs aren't secure because of their programming. They're secure because the hackers don't bother with them.

• All that being said there are things you MUST do to keep things on the up and up.  Botnets can go into your email and mine data from it, so do not leave passwords in your email files, and at the same time, don’t SAVE email confirmations of password information.
• You should have a different password for all of your financial accounts and they should be difficult to remember, i.e. write them down and put that information in a safe place AT HOME (not work).
• It also seems prudent to change your financial passwords monthly — yes, monthly. It will assist you in yet a further measure of security.  Why? By the time much of this information about hackers comes out at least 60 days have gone by.
• As far as things such as Twitter, LinkedIn, FaceBook, Pinterest, etc., etc. are concerned you can use the same password, but change it every six months or so. Again this is just a stop-gap measure.

For more information  about the Russian Hackers see the following:

• http://www.pcworld.com/article/2462520/five-unanswered-questions-about-massive-russian-hacker-database.html
• http://arstechnica.com/security/2014/08/report-shadowy-russian-hacker-group-now-has-1-2b-usernames-passwords/
• http://www.engadget.com/2014/08/06/russian-hackers-billion-passwords/