Hacked! Slaves to technology, tech companies and their “enemies”

My computer was hacked apparently due to no fault of my own and my only realistic youve-been-hackedoption was to send it for recycling.

You need technology for your work. Technology messes up your work. You have to spend your hard-earned money to buy new technology that you didn’t want to buy; money you would have rather saved or used for something else. And the cycle goes on and on and on. We’ve been turned into slaves of technology, the companies that produce it, and the hackers that often control it.

It’s been difficult coming to terms with it all. I’m not very tech savvy, but I know enough not to respond to e-mails from Nigerian princes or acquaintances saying they are traveling and lost all their money. I know not to click on suspicious links. I know how to recognize a suspicious link or a suspicious-looking e-mail address. Often, if a friend, a real one, sends me a link in my Facebook inbox without an introduction, I’ll suspect that maybe that friend’s account has been hacked. Before clicking on the link I’ll ask them to prove to me that they really are that friend.

So when my Macbook shut down and I restarted it only to get a screen asking for an activation code that I did not have, telling me to e-mail an Apple-looking e-mail address that clearly wasn’t Apple’s, my first terrified thought was: BUT I DIDN’T DO ANYTHING! 

Ultimately, my only three options turned out to be:

  1. E-mail the hackers at the address provided. Others who have done this were asked for ransom money in order to regain control over their own machines.
  2. Replace the computer’s logic board for what I was told costs something in the range of £400.
  3. Buy a new computer.

I was NOT going to negotiate with bloody hackers. Fuck them. I bought a new computer and sent the hacked one to Apple’s recycling team.

I spent a whole week speaking with Apple support over the phone and in my city’s main Apple store. No one can tell me exactly how this happened. One of them did tell me that they are seeing cases similar to mine. He told me of a case he knew in which a guy e-mailed the bogus Apple e-mail address and was asked for £400,000 in return for re-activating his computer! This wasn’t the norm, I was told. Usually people are asked for smaller amounts of money, maybe 100 quid.

My computer shut down after I had received odd notifications on my iPhone, first telling me to sign into my Apple ID, which I didn’t because I couldn’t understand why it was asking me to do that, then telling me that someone in a place called Kaluga was trying to access my Apple ID and do I want to allow them? NO, I clicked.

I decided I needed to check my e-mail and see if Apple was informing me of a potential “break-in”.

I never enabled my e-mail apps on my iPhone. I feel I am already hyper-connected to the outside world and want to be somewhat free of it all when I leave the house. So to check my e-mails, I opened the lid of my laptop. The last screen that was there when I had used it a few hours earlier was still there, but a click on the screen did not lead to a new browser tab being opened. In a matter of seconds, my computer shut down. When I pressed restart I got the hackers’ ransom screen.

Terrified, I went to my iPad, my last resort for accessing my e-mails. Fortunately, whatever happened to my MacBook Pro hadn’t happened to my iPad. There were messages in my e-mails telling me that Lost Mode was enabled on my iPhone and later that my iPhone was found in location x, a place I had actually been about half an hour earlier. I also received an e-mail from Apple telling me that my Apple ID was used to sign into iCloud via a web browser. It wasn’t me.

Then I saw this in an e-mail:

Nadia’s MacBook Pro has been locked.
This Mac was locked at 3:40 PM PDT on July 29, 2017. If you retrieve your Mac, unlock it using the passcode you created at the time you locked it.

First line of business, change my Apple ID password.

Second line of business, set up a phone appointment with Apple support first thing the next morning. All this was happening just after midnight.

The phone call the following morning was fruitless. I was told to go to my nearest Apple store. There, I was told that the hackers must have managed to get into my Apple ID and lock my MacBook as if it had been stolen. Later, another Apple support man told me that sometimes people receive notifications on their phones about abnormal Apple ID sign-ins, but that these are actually ads. Clicking on them is the equivalent of clicking on a suspicious link.

We can solve this, the nice guy at the Apple store told me.

A wave of relief washed over me.

He asked for the original receipt of my computer. I bought the laptop in the summer of 2012 in Egypt. In my frantic search as I rushed out of the house to go to the Apple store, I hadn’t managed to find the five-year-old receipt.

The nice Apple guy said, “That’s not a problem. We can still fix this. Sign into your Apple ID and answer your security questions.”

I signed into my Apple ID with my new password. But I couldn’t answer the security questions correctly. Nice Apple guy assumed it was because the hackers changed my security questions. I tried incorrectly too many times and was locked out of my account by Apple until the following day.

I had a second Apple ID. Apple guy asked me to sign into that and answer its security questions. I couldn’t answer those correctly either. I knew the answers. They were straightforward. Apple guy thought perhaps it’s the use of small and capital letters I was getting wrong. Apple locked me out of that one too.

If I am answering my own security questions incorrectly, how did the hackers manage to answer them correctly?? I asked Mr Apple. He did not have an answer for me.

His solution: Buy a new computer. We’ll take the hard drive out of your hacked computer and transfer all your files to the new one. You won’t have lost any of your data. Then go home, look for the hacked computer’s receipt, and work on regaining control of your Apple IDs. Do that, and we’ll be able to get back into your hacked computer and give you access to it again.

I couldn’t understand why it was possible for him to get into my hard drive without a receipt but it wasn’t possible for him to do the magic he was promising was possible to reactivate the actual laptop. The promise wasn’t only his. He had been on the phone with someone senior to try to find a solution for me. Mr Senior said that the magic could not be done without the receipt. It seems, as part of the procedure, that Nice Apple Guy would be asked if he verified the receipt before he could start the unhacking process.

I had an imminent and very important work deadline. I couldn’t do without my computer and my computer files. My laptop is the only one we have at home. My husband bought me a new one, the files were transferred and we went home.

Within hours I had sifted through years-worth of receipts and eventually found a copy of the original. I was hoping it would be enough, but I wasn’t certain.

The next day I focused on getting that article written. Then, over a period of two days, I spent a significant amount of time on the phone with Apple support to find a way to regain control over my Apple IDs. I was still answering my security questions incorrectly. Short story: the answers hadn’t been changed. I must have been using capitals where smalls should have been used or vice versa. Apple support was able to take my answers over the phone, type them in themselves, and give me access to my IDs again.

How do I prevent all this from happening again? I asked. You need two-factor authentication, I was told. Activating this means that for anyone to gain access to your Apple ID, they also must have direct access to one of your devices. I was certain I had done this for at least one of my three devices. But my iPad had been telling me to activate two-factor authentication and I had been ignoring it. Not knowing exactly what it was, I felt that I was already losing control over all my passwords and security questions. I thought that adding yet another layer of security meant that I had to remember something new.

Apple support on the phone convinced me to get two-factor authentication and walked me through the process.

In the meantime, I had changed all my passwords. It’s now impossible for me to recall any of them purely from memory.

I then e-mailed the Middle East branch of Virgin Megastores. I sent them a copy of my receipt and asked if they could locate the original and e-mail a scan for me. In my mind, this was a real long shot. I bought by MacBook in Egypt in 2012. EGYPT. They won’t be keeping hold of receipts for that long in Egypt. A lovely young woman from Virgin Megastores customer support in the Emirates called me on the phone. She then spent two days working with the Egypt branch to locate my receipt. They found it! I received a scanned image of it. I was thankful beyond words.

Yesterday I went back to the Apple store feeling victorious. I had the receipt for my hacked MacBook. I had access to my Apple IDs. Apple could relinquish control of the laptop for me, I could return the new computer, and life would go back to normal.

But it didn’t.

Suddenly it turns out, after new Nice Apple Guy speaks (and literally begs, he promised me) on the phone with another Mr Senior that my laptop is considered vintage and they can’t access it (why is completely beyond me but I’m assuming it’s a tech thing). Are you telling me that nothing can be done? I asked. Unfortunately, nothing can be done, he said.

I was shocked. I had spent hours of my own time and taken hours of lots of other people’s time doing exactly what I was told to do and I wasn’t going to be able to get my hacked laptop back because it was too old. How is five years too old for a computer??

Since Apple were the ones who told me that if I did x,y,z they would be able to regain control of the laptop, they offered a 20% discount on the new laptop I bought the previous weekend as an apology.

We were left with no alternatives. I signed away my old laptop for Apple to take it away for safe recycling and left the store devastated.

This wasn’t my only technology calamity this week.

My bank is updating the security of its account-holders. I filled in a form to this effect and hand-delivered it to the bank. Nevertheless, I continued to receive e-mails and letters telling me that I urgently needed to fill in the form. A phone call to the bank revealed that my filled-in form was indeed easily found on their system. Weeks later, I received a threatening letter from the bank saying that if I don’t fill in the (already-filled-in) form, my ATM access to my account would be severely restricted.

I visited my local bank branch. After they made a phone call to headquarters to understand where the issue was, I was told that they were having a backlog due to the sheer volume of forms they were dealing with. These threatening letters go out to customers automatically when the forms are not processed within a certain period of time. Ignore the letter, I was told.

I want to lodge a complaint, was my response.

I have done what I was told. I filled in your form and hand-delivered it. Anyone I ask can see it on the system. Yet I, the customer, am being threatened that my access to my own money will be restricted because you guys can’t keep up with your work. The letter I received did not tell me to ignore it if I had already filled in your form. It was a plain and simple: If you do not send in this form, you’re access to your money will be restricted.

I no longer know how to feel about technology. We live in a world in which we’re significantly dependent on it. But it is also making us vulnerable. The more dependent on technology we become, the more information we have on it, the more accessible it becomes to others.

We’re told to use mobile banking, put our photos on the cloud, add credit card details to online shops. Our passwords are saved on multitudes of websites. Everyone wants a username and password nowadays. Some of these sites seem to have easy-access to our passwords. A recruitment website I had an account on sent me an email awhile back that included both my username and my password as a reminder. I called them up and immediately asked them to remove me from their system. What stupid idiot puts a username and password in the same e-mail and without the request of the account holder??

We’re also told by many tech companies: We have the most secure system in the world.

Secure my ass. It’s only secure until someone figures out where the loopholes are and it’s not secure anymore. Money is taken out of accounts. Private pictures are shared with the world. And computers and data are held for ransom.

If it weren’t for my laptop, I’d be unemployed. But because of it, I feel vulnerable, insecure, and I’ve had to spend money when I wasn’t wanting to.

I don’t know how I feel about our tech-obsessed and dependent modern world.

 

 

 

 

 

 

 

 

 

 

 

 

Advertisements

3 comments

  1. Bloody Hell!

    You should also send a copy of this to Apple.

    In the motor industry, and I assume others, there are statutory requirements to maintain parts and service provision for years after production ceases – 15 years on cars if my memory serves. It sounds to me like extreme inbuilt obsolescence, that’s to say a jolly good income stream for Apple.

    Good Luck

    1. I couldn’t help but think the same about Apple gaining from all this. But in theory, their whole reputation is built on their secure systems and customer service. This kind of thing is not good for either. It’s been very frustrating and confusing.

  2. Yikes! That is a helluva stressful situation. I feel that, while I appreciate the advances technology has made to our lives, it’s also added a lot of new stress.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s