Last Updated: 2007-11-20 22:34:40 UTC
by Kevin Liston (Version: 1)
“There is nothing on my computer that a hacker would be interested in.”
How often do you hear that statement as a key point in someone’s defense strategy? It is something I’ve often heard in social outings and family gatherings.
I try to use it as an opportunity for security awareness. First rephrase the statement to by: “There is nothing on my computer that a criminal would be interested in.” This takes the conversation away from the contentious “what does the word, hacker, mean” question/debate. If you focus on protecting yourself form criminals, you stand a pretty good chance against hackers/crackers as well (should you feel there is such a distinction or not.)
What makes up an abstract computer system on the Internet?
- Hard Drive
- Internet access/IP address
- User data
So what would a criminal be interested in on this average computer?
CPU: botnets often use their slave machines to send email, proxy web traffic, and launch denial of service attacks. These all use slices of CPU on the machine to do work that they would otherwise not have the resources to do.
Memory: User’s browsing habits, username/password credentials, and other sensitive user data is captured out of memory.
Hard Drive: I have seen bot-nets that perform no other service than act as a giant library to store pirated films and audio.
Internet access/IP address: every new IP that isn’t already on a blocklist is of interest to spammers. Criminals can host malicious websites on a machine to avoid other blocklists. Criminals can proxy their traffic through a machine hide their true location and avoid some companies’ firewalls blocking known-bad IPs.
What about User Data?
Everyone knows that criminals are interested in your banking and paypal credentials. They are also after your eBay passwords so they can sell stolen goods in your name. They are after your facebook, and myspace credentials so they can post links to malicious websites (look at Dancho Danchev's post today for an example.) They’re after your email address. Even by itself a working email address is worth money. Take a person’s address book and you get their social network that can be used to launch targeted email attacks. Your email address is often used as your account name on a number of web services. It’s arguable that you can correlate more about a person based on their email address than their Social Security Number anymore.
So you may think there is nothing of interest on your machine, but there are certainly things of value on your system. Criminals know how to “make it up in volume.”