How much is your hard disk worth to hackers?
Posted on 29 Nov 2012 at 10:30
Think twice before dumping that broken laptop - the data on it is a goldmine for cyber criminals
Losing a laptop is always painful, often raising the awkward question of backups when it’s too late. But whether your lost laptop perished of age or disappeared from your bag in a pub, that pain can take on a financial dimension too. Unless your data was encrypted or the laptop was disposed of securely, the blunt truth of the matter is that you’re at risk of exposure to the dark market.
Your personal data is valuable, and cyber criminals will pay for everything from bank logins and credit card details to the perhaps less obvious lists of contacts and email conversations. But just how much is your hard disk worth to a hacker? In this feature we’ll find out.
What kind of data has value? The simple answer is all of it, just to differing levels. In order to get your head around this you need to start thinking like a criminal, says John Livingston, CEO at Absolute Software.
Your hard drive is a potentially easy-access encyclopaedia of personal data
"If we’re going to add up the cost of this, let’s start with how many security questions your bank asks you when you call them,” he says. “Address? Name? Date of birth? Mother’s maiden name? Customer number? The process attached to ‘forgetting’ your password invariably requires providing a couple more details – a registered mobile number, email address, or a letter to the registered address. Your hard drive is a potentially easy-access encyclopaedia of data, containing the answers to those questions and more."
Ryan Rubin, a director at Protiviti, points out there are also the "cached passwords that can be found in applications such as internet browsers, email clients [and] social media clients". Catalin Cosoi, Chief Security Strategist at Bitdefender, would also include the potential "access to compromised systems on your internal network which have internet access, which is rented by cyber criminals by the hour".
When it comes to your computers used by small businesses, Intel’s Rob Sheppard believes there's a lot more value to be extracted. "Things that are valuable include company intellectual property, such as product design and cost information, vendor agreements, customer contact details and financial records," he says.
Konstantinos Xynos, of the faculty of advanced technology at the University of Glamorgan, admits it is hard to place an accurate figure on the value of your data. However, he says cyber criminals "will tend to look at the age of the data (how recently data was written to the drive) and who the user is. Roughly speaking, anything up to a three-year-old computer will still have useful data. Data that has not been analysed but has been identified as a personal machine will not have much face value".
Integrated gaming systems can contain a huge library of registered games and these types of accounts are highly sought out
Interestingly, Xynos believes any computer that can be identified as having been used primarily as a games machine is likely to command a premium. "This is because of the inherent value in the games themselves," he explains. "Games, like other commercial software, have serial numbers which can extracted and sold on. Integrated gaming systems, like Steam, Origin and Desura, can contain a huge library of registered games and these types of accounts are highly sought out."
Clearly, the actual value depends on the number of games, along with whether or not credit card information has been associated with the accounts. However, Steam accounts containing up to nine games are often sold for between £4 and £8 on the dark market. Accounts for online games such as World of Warcraft are also valuable, as the hacker can log in and transfer all the in-game items to a character they own, then sell them on auction sites.
When it comes to mining your email, Xynos insists, there isn't much value to the underground economy unless sold in bulk, when they may command a notional value of a penny per item. Then there's the licence serial keys to your software, which reside on your hard drive and can be sold on after being extracted by trawling the system registry. Windows 7 Ultimate keys are still selling for around £3 a time despite the launch of Windows 8, for which keys have yet to hit the dark market in any great number.
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on firstname.lastname@example.org
- What is Google Inbox?
- Windows 10 release date, features and how to get the Technical Preview
- Nexus 6 release date, specs and price: when will the Nexus 6 go on sale in the UK?
- Lenovo and Ashton Kutcher launch Yoga Tablet 2 Pro, Yoga Tablet 2 and Yoga 3 Pro
- Lenovo Yoga event live stream: watch Ashton Kutcher's tablet launch live
- HTC shows off Desire Eye selfie phone and periscope-like camera
- Xim: the slideshow app to get excited about
- Adobe has more apps for iOS, but none for Android
- How to download and install Windows 10 Technical Preview
- iPhone 6 Plus "less likely to bend than HTC One"
- Google Glass: mugger bait, pub problem and other lessons learned from two dangerous weeks
- Twitter, please don't fiddle with my feed
- How Satya Nadella can get some pay-raise karma
- Windows 10: a step back to go forward
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold