How much is your hard disk worth to hackers?
Posted on 29 Nov 2012 at 10:30
Think twice before dumping that broken laptop - the data on it is a goldmine for cyber criminals
Losing a laptop is always painful, often raising the awkward question of backups when it’s too late. But whether your lost laptop perished of age or disappeared from your bag in a pub, that pain can take on a financial dimension too. Unless your data was encrypted or the laptop was disposed of securely, the blunt truth of the matter is that you’re at risk of exposure to the dark market.
Your personal data is valuable, and cyber criminals will pay for everything from bank logins and credit card details to the perhaps less obvious lists of contacts and email conversations. But just how much is your hard disk worth to a hacker? In this feature we’ll find out.
What kind of data has value? The simple answer is all of it, just to differing levels. In order to get your head around this you need to start thinking like a criminal, says John Livingston, CEO at Absolute Software.
Your hard drive is a potentially easy-access encyclopaedia of personal data
"If we’re going to add up the cost of this, let’s start with how many security questions your bank asks you when you call them,” he says. “Address? Name? Date of birth? Mother’s maiden name? Customer number? The process attached to ‘forgetting’ your password invariably requires providing a couple more details – a registered mobile number, email address, or a letter to the registered address. Your hard drive is a potentially easy-access encyclopaedia of data, containing the answers to those questions and more."
Ryan Rubin, a director at Protiviti, points out there are also the "cached passwords that can be found in applications such as internet browsers, email clients [and] social media clients". Catalin Cosoi, Chief Security Strategist at Bitdefender, would also include the potential "access to compromised systems on your internal network which have internet access, which is rented by cyber criminals by the hour".
When it comes to your computers used by small businesses, Intel’s Rob Sheppard believes there's a lot more value to be extracted. "Things that are valuable include company intellectual property, such as product design and cost information, vendor agreements, customer contact details and financial records," he says.
Konstantinos Xynos, of the faculty of advanced technology at the University of Glamorgan, admits it is hard to place an accurate figure on the value of your data. However, he says cyber criminals "will tend to look at the age of the data (how recently data was written to the drive) and who the user is. Roughly speaking, anything up to a three-year-old computer will still have useful data. Data that has not been analysed but has been identified as a personal machine will not have much face value".
Integrated gaming systems can contain a huge library of registered games and these types of accounts are highly sought out
Interestingly, Xynos believes any computer that can be identified as having been used primarily as a games machine is likely to command a premium. "This is because of the inherent value in the games themselves," he explains. "Games, like other commercial software, have serial numbers which can extracted and sold on. Integrated gaming systems, like Steam, Origin and Desura, can contain a huge library of registered games and these types of accounts are highly sought out."
Clearly, the actual value depends on the number of games, along with whether or not credit card information has been associated with the accounts. However, Steam accounts containing up to nine games are often sold for between £4 and £8 on the dark market. Accounts for online games such as World of Warcraft are also valuable, as the hacker can log in and transfer all the in-game items to a character they own, then sell them on auction sites.
When it comes to mining your email, Xynos insists, there isn't much value to the underground economy unless sold in bulk, when they may command a notional value of a penny per item. Then there's the licence serial keys to your software, which reside on your hard drive and can be sold on after being extracted by trawling the system registry. Windows 7 Ultimate keys are still selling for around £3 a time despite the launch of Windows 8, for which keys have yet to hit the dark market in any great number.
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on email@example.com
- Europol warns: public Wi-Fi isn't safe
- IDC: iPad intertia opens door for Windows tablets
- Rivals put on notice as Spotify snaps up The Echo Nest
- Windows 8.1 Update 1 leaks via Microsoft's website
- Mozilla questions why Dell charges £16 to install Firefox
- Hundreds of NHS sites vulnerable to hackers
- Samsung Chromebook 2 gets faux-leather look - and bloatware
- Windows 8.1 Update 1 hits RTM
- Hackers take Meetup.com offline over $300 ransom
- Office 365 goes social with "Oslo" news feed
- Move over Delia: IBM Watson is cooking tonight
- Eric Schmidt on the double-edged smartphone: friend and foe
- Getty joins the race to the bottom
- Hour of Code: five steps to learn how to code
- Sony Xperia Z2 Tablet review: first look
- Sony Xperia Z2 review: first look
- Samsung Galaxy Gear 2 review: first look
- Nokia XL review: first look
- Samsung Galaxy S5 review: first look
- Nokia X review: first look