When your system has been compromised, it’s safe to assume the worst. Here’s what the bad guys have in mind
Written by Roger A. Grimes / Courtesy of InfoWorld
In the good old days, most hacking was performed by young males looking to boost their self-esteem. Nowadays, almost all hacking and malware is carried out with criminal intent. Yet for some reason, people who get hacked or are infected by malware still treat the problem as if it were a mere annoyance, as if they’d been infected by a virus from 1998.
I have two words for those people: Wake up! If your computer has been compromised, here are the four most likely reasons. Be warned: They’re not pretty.
1. Picking your pocket
By far, the vast majority of hacking and malware is for quick financial gain. Bad guys are after your passwords, your bank account information, your credit card information, your identity, or some other way to take your hard-earned money — such as selling your stocks, initiating unauthorized e-money trades, holding your information hostage for payments, and so on.
That’s why, whenever I get involved with a computer that has been hacked or compromised, I assume the worst. You can’t simply clean the infection because you don’t know what has been maliciously modified. The only safe step you can take is to back up your data, format the drive, and re-install everything. (You have all the installation media you need, right?) Once you’ve set up a clean computer, you have to change the logon password information on all websites you use or that share those common passwords.
2. Pummeling you with adware and spam
Coming in second is malware designed to place unwanted advertisements or content in your computing pathway — either by directing you to the wrong websites, shoveling pop-up advertisements onto your computer, replacing legitimate banner ads with spammy ones, or simply sending you or others tons of spam email. In truth, because the consequences could be worse, I almost feel lucky when all I find adware or a spam bot in a forensic investigation.
3. Stealing intellectual property
As the recent Chinese hack of the New York Times demonstrated, there’s been a marked increase in advanced intellectual property theft and state-sponsored spying. A growing number of malware programs and hacker groups have emerged, all dedicated to stealing valuable information from you or your company. Unlike hackers who want quick, in-and-out financial gain, these lowlifes have specific information targets and often intend to stay for months to years.
Are there any secrets left to steal? For years, it’s been said that intellectual property thieves have already stolen most of the secrets from the world’s biggest companies and taken that valuable information back home. It’s only grown worse since then. Most computer security experts will tell you that not only are most of the world’s largest companies completely compromised, but that there is little anyone can do. One day we will rebuild the Internet and make it a safer place to compute. Meanwhile, make sure you at least avoid the five biggest security pitfalls.
Continue reading over at InfoWorld.