Ngô Minh Hiếu served seven-and-a-half years in a U.S. prison after being convicted of running an online store that sold the stolen personal information of about 200 million Americans.
Since leaving prison, Hiếu has become a so-called white-hat hacker, attempting to protect the world from the sorts of cybercriminals he once was. As he and others have pointed out, it is impossible to create an impenetrable shield, but here are some of his tips for how you can mitigate your risks, along with some other practical online security advice.
Stop reusing passwords. It should be mandatory that all corporate passwords be changed regularly and never reused. Once a password is exposed in a data breach, cybercriminals often use it on other websites to see if it grants them access and lets them take over an account or service. Consider an encrypted password manager. Further, while cleaning up passwords, delete any unused accounts, such as those for vendors you no longer use or those of former employees.
Whenever possible, use multifactor authentication (MFA), which requires a second, temporary code in addition to your password to log in to a site or service. Many sites send a six-digit code via text message or email, but the most secure method is to use an app that generates a numerical code on your phone that is in sync with an algorithm running on the site.
Of course, clicking on a link from a text message, an email, or a search result without first thinking about whether it is secure can expose your network to phishing attacks and malware. Keep all software and security patches up to date, and encrypt and back up your data every day.
"A Former Hacker's Guide to Boosting Your Online Security," www.propublica.org (Jan. 27, 2022).