Content
Skip to Main ContentAccessibility Help
Spark

How one woman is helping others overcome "hacking abuse"

Abusers threaten to compromise online accounts as a way of ensuring silence.
CBC Radio ·
Abusers threaten to compromise online accounts as a way of ensuring silence. (Pixabay )

"Hacking abuse" isn't something that most people are familiar with. But it's a hidden threat in abusive relationships, where an abuser threatens to hack into a woman's email, social media, or other accounts as a way of keeping her compliant.

Eva Galperin, the director of cyber-security at the Electronic Frontier Foundation, has been helping women manage the threat, which can be coercive.

She discovered it was an issue earlier this year, after a serial rapist was outed on Twitter. It turned out that he had been ensuring his victims' silence by threatening to hack into accounts whose passwords the women had shared.

One of the ways in which abusers get these passwords out of their victims is saying, 'hey don't you trust me? Or 'don't you love me?'- Eva Galperin

So Galperin offered to help women who had been similarly threatened and found that it was happening more commonly than she thought.

"It is not uncommon for people in romantic relationships to share their account passwords," she said, noting that often the way the passwords get shared in the first place can be coercive. "One of the ways in which abusers get these passwords out of their victims is saying, 'hey don't you trust me? Or 'don't you love me?'"

Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation. (EFF)

Rather than taking steps to hack into those accounts, abusers more typically wield the threat as a way to stop their victims from coming forward.

"It is extremely rare for victims who have been threatened by their attackers to actually have compromised devices, Galperin said. "Because if an attacker has compromised their device they usually want to keep quiet about it so they can keep getting the information."

When someone contacts Galperin saying she has been threatened, Galperin said she sits down and listens to the story of the relationship. "So often that is a harrowing tale in and of itself," she said. Then she helps the victim figure whether a device or an account has been compromised, "and we work backwards from there."

How to minimize the threat

Fortunately, setting up procedures like two-factor authentication can remove many of the threats, she said. "Then even if somebody steals your password, they still can't get into your account because they will not have the second factor."

She also recommends that women make up clever answers to the typical questions that an account may ask for verification, such as mothers' maiden names, names of first pets, and so on.

"I never answer those questions truthfully, and in fact I answer them with long randomly generated strings, she said.

Galperin said that so far, she's been able to personally help all of the women who have approached her fearing hacking abuse. But she acknowledged that it's a solution she can't sustain.

"I still need to think a little bit about what the next steps are, and what would be the most helpful, but certainly just me sitting at my computer answering my email is a solution that does not scale."

More from this episode