How much is your hard disk worth to hackers?
Posted on 29 Nov 2012 at 10:30
Think twice before dumping that broken laptop - the data on it is a goldmine for cyber criminals
Losing a laptop is always painful, often raising the awkward question of backups when it’s too late. But whether your lost laptop perished of age or disappeared from your bag in a pub, that pain can take on a financial dimension too. Unless your data was encrypted or the laptop was disposed of securely, the blunt truth of the matter is that you’re at risk of exposure to the dark market.
Your personal data is valuable, and cyber criminals will pay for everything from bank logins and credit card details to the perhaps less obvious lists of contacts and email conversations. But just how much is your hard disk worth to a hacker? In this feature we’ll find out.
What kind of data has value? The simple answer is all of it, just to differing levels. In order to get your head around this you need to start thinking like a criminal, says John Livingston, CEO at Absolute Software.
Your hard drive is a potentially easy-access encyclopaedia of personal data
"If we’re going to add up the cost of this, let’s start with how many security questions your bank asks you when you call them,” he says. “Address? Name? Date of birth? Mother’s maiden name? Customer number? The process attached to ‘forgetting’ your password invariably requires providing a couple more details – a registered mobile number, email address, or a letter to the registered address. Your hard drive is a potentially easy-access encyclopaedia of data, containing the answers to those questions and more."
Ryan Rubin, a director at Protiviti, points out there are also the "cached passwords that can be found in applications such as internet browsers, email clients [and] social media clients". Catalin Cosoi, Chief Security Strategist at Bitdefender, would also include the potential "access to compromised systems on your internal network which have internet access, which is rented by cyber criminals by the hour".
When it comes to your computers used by small businesses, Intel’s Rob Sheppard believes there's a lot more value to be extracted. "Things that are valuable include company intellectual property, such as product design and cost information, vendor agreements, customer contact details and financial records," he says.
Konstantinos Xynos, of the faculty of advanced technology at the University of Glamorgan, admits it is hard to place an accurate figure on the value of your data. However, he says cyber criminals "will tend to look at the age of the data (how recently data was written to the drive) and who the user is. Roughly speaking, anything up to a three-year-old computer will still have useful data. Data that has not been analysed but has been identified as a personal machine will not have much face value".
Integrated gaming systems can contain a huge library of registered games and these types of accounts are highly sought out
Interestingly, Xynos believes any computer that can be identified as having been used primarily as a games machine is likely to command a premium. "This is because of the inherent value in the games themselves," he explains. "Games, like other commercial software, have serial numbers which can extracted and sold on. Integrated gaming systems, like Steam, Origin and Desura, can contain a huge library of registered games and these types of accounts are highly sought out."
Clearly, the actual value depends on the number of games, along with whether or not credit card information has been associated with the accounts. However, Steam accounts containing up to nine games are often sold for between £4 and £8 on the dark market. Accounts for online games such as World of Warcraft are also valuable, as the hacker can log in and transfer all the in-game items to a character they own, then sell them on auction sites.
When it comes to mining your email, Xynos insists, there isn't much value to the underground economy unless sold in bulk, when they may command a notional value of a penny per item. Then there's the licence serial keys to your software, which reside on your hard drive and can be sold on after being extracted by trawling the system registry. Windows 7 Ultimate keys are still selling for around £3 a time despite the launch of Windows 8, for which keys have yet to hit the dark market in any great number.
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on email@example.com
- Ellison steps down: but who's really running Oracle now?
- Amazon releases high-end Kindle Voyage Touch
- Sony warns of massive loss on smartphones
- Dropbox app doesn't work properly with iOS 8
- Dark clouds for Adobe as profits slide by 46%
- Windows 9 Technical Preview launch date revealed
- New Windows 9 videos show off multi-desktops and notification centre
- Chromebook owners get access to Android apps
- SanDisk lets you pop half-terabyte card in your camera
- Windows 9 video shows new Start menu
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- Apple Watch, iPhone 6 and 6 Plus: Tim Cook's Apple back with a bang?
- BT Home Hub 5: how to get maximum speed
- 20 years of PC Pro: one-star reviews (including "the worst tablet we've ever seen")
- 20 years of PC Pro: our best covers
- Why we've closed the PC Pro forums