College Central, creators of the popular and beloved web series Wadiwa Wepamoyo have recently shared on their Twitter that their account hosting the show and other projects has been hacked, with all their content wiped including the show , their over 60 000 subscribers being denied access to the channel and the channel being renamed to Dave Ramsey Live. You can see their official tweet below.
Now while the nature of the hack itself is yet to be identified, Zimbabwe’s online community is already expressing their empathy for College Central and anger at whoever did hack the channel, as not only did they obviously derail one of the most successful online Zimbabwean project in the past few years, but also cut of what was becoming a reliable source of income for a group of upcoming artists and creatives. Whoever hacked the channel seemingly had it out for College Central, and unfortunately their actions and this whole incident are serving as a reminder of the growing threat of cyber crime and cyber criminals in our country, and the need to protect all our devices and online service accounts from such attacks.
Zimbabwe hasn’t exactly ever been a central hub for cyber-crime or incidents of hacking, but as our country has obviously gotten more technologically savvy over the past decade especially, and more of us have lives that revolve around technology and technological services, there’s no denying that the looming threat of criminals trying to take advantage of that has been growing as well. In the past two years alone we at TZP have heard of multiple hacking stories, ranging from more famous ones like the CUT student who hacked his college database, to multiple attacks on Zimbabwean celebrities or social media influencers to less glamorous ones such as multiple friends reporting hacked Instagram or Twitter accounts. And all these stories really tend to point to one thing which is generally the main flaw in most digital security infrastructure anyway: knowledge and prevention of certain vulnerabilities. To put it in simpler terms, a lot of us don’t know how to protect our digital infrastructure, or accounts for online services, and we should in case someone decides to pay attention to them and use them as a showcase of their “mad hacking skills”. As mentioned before, Zimbabwe as a nation hasn’t had a huge history of cybercrime and that’s because in our past there was arguably not much infrastructure to really commit criminal offenses on. Sure the internet , computers and online services were used in our country to some capacity in the late 90’s and early 2000’s but it’s really the boom in smartphones and mobile internet connectivity that made everyone integrate their internet and online services such as social media, streaming services, cloud storage and so on into their lifestyles, along with a rise in Zimbabwean activity on the web through websites, news blogs and multiple forms of social media creation as well. This has obviously started putting a certain amount of attention on us online, and whether that attention is from within our own country or from foreign parties is another question is another case entirely, but regardless we all need to start being more careful with our device and internet security, and we need to do it fast.
So how do we do it? Well, we aren’t going to do too much of a deep dive into online security practices here (we’ll leave that for another article) but let’s start at the source of probably all your online accounts: your email. Email accounts need to have the strongest password you can probably muster. Not necessarily a sentence’s worth of indecipherable gibberish (though that might work too), but starting by following the usual password guideline of a mixture between capital and small letters, numbers and symbols such as @, $ or % can make a huge difference between getting attacked or staying safe, especially when your last password may have just been something like “Jamesman1995” (Which is surprisingly still better than a lot of passwords some of you use). Then setting up two factor authentication is a next step. This often seems like an annoying extra from lots of email sites but it’s become more and more relevant as attacks get more common. It’s essentially making your online service (i.e. email in this case) ask for a second verification that it’s you logging into your account when you’re logging in from an unknown device, a different region in the country or in the world or just showing some behavior that the service may deem suspicious and want more verification that it’s actually you trying to gain access. The second authentication factor tends to be sending a message with an access code to your phone or using bio-metric verification in the form of a fingerprint or iris scanner for Windows PCs and Macs. This definitely tends to stop most hackers in their tracks as they likely won’t have the second verification source. Two factor authentication can also be set up for social media and cloud service accounts too, so while it may seem like a chore to set up, it’s best you set it up there as well.
The next area we’ll briefly look at is your device, be it your phone, PC, tablet and so on. Let’s start with a basic one; device passwords and not letting just anyone touch your device. A lot of us tend to let people play around with our devices more often than we realize, and that can harm us if that person, or someone they know has harmful intent. For example, people tend to be more guarded over their phones so won’t just let anyone touch those, but can let almost any school or work colleague use their laptop or work computer, which tends to have all your emails , social media accounts and so on signed in already , with login details and passwords stored as well. Anyone who wants to take a look there likely will, and it can be the start of a whole series of horrors as well. Watching over your computer’s usage, or making a friend log into a guest account on Windows or Mac might be better, especially since your account may hold a lot more information than you think it does. And when it comes to phones, if you have an issue with yours and someone is fixing a software problem or even passing you some music or documents, keep an eye on what they’re doing. This is another of those cases where you may feel bored or wish to go do something else, but for example, the number of iPhone users I have personally had come to me with problems of texts being hacked because they synced their device with a friend’s Mac or Windows PC iTunes is many more people than I would like it to be. And in fact, on a similar note, be careful of where you log in to any kind of online account. Whether it’s an internet café, a friend’s computer or phone , or a work machine that not only you have access to, make sure to log out each time you are done and don’t save any credentials in that machine’s browser or app. A good way to do this is by choosing a private browsing session or incognito mode on whatever browser you are using. And to be honest the list goes on, which is why we’ll continue to give more content on internet and device security in the coming days.
But for now, it all comes back full circle in thinking that the sad incident College Central was involved can unfortunately remind us all of how careful Zimbabweans need to start getting when it comes to their online accounts and device security. In fact, in a country where celebrity videos are taken down, and artists are being hounded online by unknown assailants, it’s become clear that anyone in Zimbabwe can become a target, they just have to be big enough for the assailants to want them, which is why we all need to be a little careful, and keep up the practices that can keep us safe.