Three years ago, Microsoft declared that Windows XP would finally, finally be “end-of-life”d. That means no more updates, no new features, no new security patches, nothing. And yet one in 20 machines are still running it. The web hasn’t gotten safer. [Read more…]
A hacked computer can be worth a lot. Think about it: under your desk, on your lap, or even in your pocket, there’s as much computing power as there used to be in an entire room full of hot, heavy machinery. You use your devices to connect to the internet, perform calculations, store information, and a thousand other things that you probably don’t even realize. If you are familiar with the inner workings of modern computers, then it may not be as big of a surprise as this is to other people. But any general purpose computer is a powerful piece of hardware, and if you can make it work for you, the return on investment can be thousands of times the risk you take as a hacker.
The simplest reason someone would want your computer is for your data. If you use the internet for anything important (and what’s important to a hacker might not be that important to you), then it’s probably got a lot of stored passwords. Or, they can install a keylogger to capture the passwords as you type them in. It doesn’t matter if you’re hacked. They can use your Facebook or other social media accounts to extract money from people you know, like the case of a fellow who got his account hacked and the hacker told his grandmother that he needed money for bail in a foreign country. Naturally, he was still at home, and answered her phone call when she called to see if it was true. Banking passwords are obviously valuable, since a hacker can get your money directly with those. But, any password or file could be used to get personally identifying information to initiate identity theft. With that out of the way, we can talk about some of the more esoteric things that can be done with access to your machine.
You have an internet connection, right? How much more valuable is your computer to you having access to the internet? It’s an insane amount of value. To the point that you are legitimately and justifiably upset if you don’t have internet access. Simply put, anything you can do, a hacker can do, and anything you don’t know you can do a hacker can still do. They can use your machine to route internet traffic and obfuscate criminal activity. They can do this, sometimes, even without full access to your machine. They can hack a web page, again without full access, to tell your computer what to do. This isn’t necessarily dangerous in the sense that losing data is, but it still feels gross to be used in this way. You might never know they’re doing this, either, because the computer may still be usable with little change in performance. If they have full access to your machine, they can do more – use it as a personal vault for stolen data, or take its computing power and use it with a number of other hacked machines to carry out destructive acts and harm businesses with your processing power.
Maybe your reputation is worth something. You might own a business in a competitive market, you might be a Fortune 500 CEO, you might be a community leader. A hacker with control of your PC can get your social media passwords and say things in your name that you would never say. Maybe you’re just a regular person, with no special access to anything, but a hundred or so friends. A bad actor could use your page to share a link to a web site that just so happens to be full of viruses. Part of your internet security plan should be not clicking on weird links posted by your friends. If you don’t know the provenance of the link it could do you some harm. Lastly, a hacker might make you follow a fake page, again with the intent of spreading other sorts of malware.
Lastly, maybe your reputation, social media, computing power, and data aren’t worth anything to a particular hacker. They just want to extort you. With access to your machine, they can encrypt your hard drive (usually a good thing, when you have the password to decrypt it) and hold your files hostage. They can do the same with your email or any other sort of account. No access, they’ll say, unless you pay up. This is called ransomware. It’s become very popular, and people need to be educated on it. You can avoid it, though. You might have The Computer Specialist keep your data safe and just restore your machine to before the infection. This is why crisis plans are so important. Sometimes you take files for granted, which is forgivable for a home user. A business losing customer data? That’s pretty bad. It doesn’t matter who you are, ransomware can strike. They’ve attacked colleges, individuals, politicians, and even hospitals.
Cyber risk is the risk of damage due to failure in your information technology systems. It covers finances, reputation, and disruption of any kind. It’s not a new concept, but it seems to be regarded by many as something for big businesses to worry about. Just think: how would your customers and employees feel if some or all of your confidential information was leaked? It’s a nightmare scenario, but so many small businesses don’t think it concerns them. I’m not a big target, they think. I don’t need to worry that much about cyber security. That’s the wrong way to think about it.