How much is your hard disk worth to hackers?
Posted on 29 Nov 2012 at 10:30
Think twice before dumping that broken laptop - the data on it is a goldmine for cyber criminals
Losing a laptop is always painful, often raising the awkward question of backups when it’s too late. But whether your lost laptop perished of age or disappeared from your bag in a pub, that pain can take on a financial dimension too. Unless your data was encrypted or the laptop was disposed of securely, the blunt truth of the matter is that you’re at risk of exposure to the dark market.
Your personal data is valuable, and cyber criminals will pay for everything from bank logins and credit card details to the perhaps less obvious lists of contacts and email conversations. But just how much is your hard disk worth to a hacker? In this feature we’ll find out.
What kind of data has value? The simple answer is all of it, just to differing levels. In order to get your head around this you need to start thinking like a criminal, says John Livingston, CEO at Absolute Software.
Your hard drive is a potentially easy-access encyclopaedia of personal data
"If we’re going to add up the cost of this, let’s start with how many security questions your bank asks you when you call them,” he says. “Address? Name? Date of birth? Mother’s maiden name? Customer number? The process attached to ‘forgetting’ your password invariably requires providing a couple more details – a registered mobile number, email address, or a letter to the registered address. Your hard drive is a potentially easy-access encyclopaedia of data, containing the answers to those questions and more."
Ryan Rubin, a director at Protiviti, points out there are also the "cached passwords that can be found in applications such as internet browsers, email clients [and] social media clients". Catalin Cosoi, Chief Security Strategist at Bitdefender, would also include the potential "access to compromised systems on your internal network which have internet access, which is rented by cyber criminals by the hour".
When it comes to your computers used by small businesses, Intel’s Rob Sheppard believes there's a lot more value to be extracted. "Things that are valuable include company intellectual property, such as product design and cost information, vendor agreements, customer contact details and financial records," he says.
Konstantinos Xynos, of the faculty of advanced technology at the University of Glamorgan, admits it is hard to place an accurate figure on the value of your data. However, he says cyber criminals "will tend to look at the age of the data (how recently data was written to the drive) and who the user is. Roughly speaking, anything up to a three-year-old computer will still have useful data. Data that has not been analysed but has been identified as a personal machine will not have much face value".
Integrated gaming systems can contain a huge library of registered games and these types of accounts are highly sought out
Interestingly, Xynos believes any computer that can be identified as having been used primarily as a games machine is likely to command a premium. "This is because of the inherent value in the games themselves," he explains. "Games, like other commercial software, have serial numbers which can extracted and sold on. Integrated gaming systems, like Steam, Origin and Desura, can contain a huge library of registered games and these types of accounts are highly sought out."
Clearly, the actual value depends on the number of games, along with whether or not credit card information has been associated with the accounts. However, Steam accounts containing up to nine games are often sold for between £4 and £8 on the dark market. Accounts for online games such as World of Warcraft are also valuable, as the hacker can log in and transfer all the in-game items to a character they own, then sell them on auction sites.
When it comes to mining your email, Xynos insists, there isn't much value to the underground economy unless sold in bulk, when they may command a notional value of a penny per item. Then there's the licence serial keys to your software, which reside on your hard drive and can be sold on after being extracted by trawling the system registry. Windows 7 Ultimate keys are still selling for around £3 a time despite the launch of Windows 8, for which keys have yet to hit the dark market in any great number.
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on email@example.com
- Windows 8.2/Windows 9: release date, features and free cloud version
- Facebook testing keyword searching in old posts
- Google promises faster Chrome with 64-bit support
- iPhone 6 release date, specs/features and rumours: when is the new iPhone 6 coming out in the UK
- Sony Xperia Z3 specs leak online
- Samsung Galaxy Alpha release date, specs and rumoured price in the UK
- Vodafone has worst reception but Ofcom tests questioned
- Boxed iPhone 6 photos leak online
- Still on IE8? You've got 18 months to upgrade
- iPhone 6 launch event tipped for 9 September
- 20 years of PC Pro: our best covers
- Why we've closed the PC Pro forums
- How to turn off Google Location Tracking
- 20 years of PC Pro: our greatest review mistakes
- 20 years of PC Pro: our first A-List
- Wikipedia's "right to be forgotten" protest hits the wrong note
- 3D printing hits the high street for plastic selfies
- 20 years of PC Pro: What amazed us in our first issue
- How Google Glass ruined my lunch hour
- Smartphone battery packs: can a USB power pack beat the festival battery blues?