A good friend of mine called me one day and told me his computer was running particularly slow and the odd thing was it was worse in the evening. I took a look at his computer and found that someone had got into it and was storing large (I mean Large) amounts of Pornography, Stolen Software, Music and Videos, on it. Most "Hackers" are not looking to do something to your computer that you will immediately be aware of. They are looking for what is called "staging areas" where they can store things for distribution or later use. Can you imagine how my friend felt once I showed him what was on his computer! This happens all the time. There are organizations out there who are paid by the Entertainment Industry, the Government, and other institutions who are looking for this type of issue. If they locate these things on your computer, trying to prove that you had nothing to do with it could be a pretty difficult thing to do.
Are My Computers Safe From Hackers?
The meaning of the term "HACKER" has really changed over the years. Early on anyone who was
considered a "HACKER" was someone who new the intricate workings of computers and various technology. Someone who was considered to be a guru at what they did whether it be a programmer who wrote software or someone who knew everything there was to know about a particular Operating System. These day's the moment someone hears the word "HACKER" it conjures up many thoughts and images. Some people imagine a teenager sitting home writing programs to break into business computers or their school. Others may imagine someone who attempts to access online computer systems such as Banks or Stores to commit fraud and make off with millions of dollars. The fact is, all the above are pretty much true images of a HACKER. It just depends on who it applies to!What Can Hackers Do?
A few years back I'm sure we all remember hearing or reading about what websites were defaced that given week. This in itself can be embarrassing for the website owner and was very prevalent. It's not that this sort of thing does not happen anymore but it is eclipsed but the more serious things that take place. Banks being defrauded by unscrupulous employees, Online Stores having their patrons credit card information ripped off, and a host of other more serious actions.
The reality is that as network systems become more complex and widespread, the opportunities for those who wish to compromise or HACK computers become much greater.
As a home or small business computer user there are many ways you could be at risk. Many people store their financial information on their computers using a simple spreadsheet or document, or maybe something like Quicken / QuickBooks accounting. Many people store all their logins and passwords in plain text documents on their computers. How many people store information regarding their medical conditions on their computers. Computers are there to make our lives more simple and provide us with a means to store all of our most important information. What if this information were in the hands of someone else? What could happen;
- Is it possible for someone to assume my identity if they access the above information;
- Can someone find out what all of my logins and passwords are;
- As a business owner do I need to be concerned about corporate fraud;
- Is it possible for a hacker to steal my companies intellectual property;
- Can an unauthorized person access my company's sales information including clients and prospects;
- And, as a home user, or small business owner, could I be held liable for something someone else does with my computer?
The answer to all the above is, yes! If your computers are not properly configured, kept up-to-date with patches, or secured against the most common types of attacks you are at risk!
There are new vulnerabilities for computers found almost every day. If you are not diligent in keeping your computers up to date and secured you can expect (it's just a matter of time), that in one way or another your system will be compromised.
Over the years, we have seen just about everything under the sun when performing small, medium, or large computer security assessments;
- Home computers being used to relay information and stolen software;
- Business computers being used to store stolen software as well as distributing it;
- Employees using their work computers to run businesses such as pornography sites;
- Ex-employees still accessing their work computers because of the lack of security;
- People trying to extort or intimidate others using information they gathered from unsecured computers;
- The potential for civil and criminal legal action against users for participating in malicious tasks;
and that's just to name a few of the things we have seen!
Don't underestimate what can happen to you. Human beings are very risk adverse however we are also very bad at determining the real risks. Many people are afraid to fly in planes but have no qualms about climbing up a 10 foot later to change old ceiling fan without cutting the electricity first. You have more of a chance climbing that ladder, getting shocked, falling and breaking your neck than going down on a plane. This seems to apply to many methods of analyzing risks.
Think about this. In testing where we placed out-of-the-box computers on the Internet it takes approximately 15 to 30 minutes before it's hacked or compromised in some way or another.
How Do Hackers Do it?
Although this section of this article could be a book in itself (and will be), hackers have many tools available to them to perform their tasks. Many of these tools are available free on the Internet. You just need to know what you are looking for and where to look for it.
When hackers find new ways to break into computers or defeat certain security measures they will often write automated tools they can then use and distribute to other hackers. Again, many of these tools are available on the Internet and just about anyone can use them.
In many cases, because of the lack of security, many hackers don't need special tools to access your computer. The Operating System and the commands that are available may be all the hacker needs to remotely access your computer.
Remember, although it is not possible to configure most systems to be 100% secure, there are many steps that you can take, some simple and others drastic, to create a deterrence. Hackers, unless they have the motivation, no limit on time, and no limit on cash, will typically search for the easiest target!
Don't give them the opportunity!
Why Should I be Concerned?
As you can see above, there are many reasons to be concern. As a home user or small business, you should be diligent and protect yourself. This does not mean that you should consume yourself with these efforts. You should be diligent in your actions. Taken even the most basic actions to secure your computers can help.
- Protect information about your identity;
- Use strong passwords when setting up user accounts;
- Change your passwords on a frequent basis and don't give them out to anyone;
- Update you computers Operating System with patches;
- Install Anti-Virus software and keep it up-to-date;
- If you do not have a hardware Firewall install a personal Firewall (The latest versions of Windows XP/7/vista has a basic Firewall built in);
- Install Anti-Adware / Spy-ware software and keep it up-to-date;
- Don't assume that since the computer you use at home is just a home computer that you don't need a password to access it. Especially if you are using Wireless Networking (That's a whole other story).
Conclusion
As you can see, everyone should be concerned about securing there computers against the potential of compromise of being hacked. Believe me, you don't want to find yourself trying to figure out what to do next once your system has been compromised. It is not a pleasant experience.
No comments:
Post a Comment