Bits & Bytes: Threat Level - Severe
March 2, 2011
Many already know that private information saved on, or accessed with, a computer is susceptible to theft. There are questions, however, that many still have. What is the severity of the threat? Is the threat so great that I shouldn't do anything online or with my computer? What are the ways people can get my information? What information is at risk? How can I easily protect myself while still being able to utilize modern conveniences?
The answers to these questions, along with easy tips, will help you protect yourself while still being able to easily utilize modern conveniences.
In short, the threat level is considered severe. This does not mean, however, that you need to be so paranoid that you do nothing. Though the threat is severe, it is very easy to protect yourself with a little information and a few easy steps.
One of the first things to understand is that most likely you will not be targeted specifically. Instead you will be a victim of opportunity. Think of a line of parked cars. A robber may simply try every door until an unlocked door is found. The owner of that car wasn't targeted, but the opportunity presented itself. Modern digital attacks operate the same way; an automatic system scans every computer for vulnerabilities (the digital equivalent to an unlocked door). When an unlocked door is discovered, the robber comes in and takes your information, such as credit card numbers used when ordering online, bank logins, etc.
In addition, this all done anonymously with no finger prints, DNA, etc. The attacker may not even be in the same country. The severity of these threats is related to the sophistication of modern crime organizations. This is not a reference to technological sophistication as much as it is to management, organization and project management sophistication. Yes, these attackers are now actual well run, multi-tier, organized companies that operate like any other well run company with management levels, inside and outside staff and seem to operate mostly from Russia and China.
The business of identity theft is high margin and relatively easy. Most of the grunt work is not even accomplished by people. Using readily available commercial software, millions of computers can be scanned across the Internet for vulnerabilities. Without human intervention, most of these programs will act on any vulnerability (unlocked door) found and then start collecting information.
Beyond collection, these programs will automatically sort and file the information so that is easily readable and then send the information to the company that is administering your attack. By the time the company receives this information, it has already been organized in such a way that they can act on it immediately. The business goes further still; sometimes these companies will then print actual credit cards to sell to others, proceed with full identity theft, etc.
This has become so easy that there are even small "mom and pop" identity theft rings now. For a total investment of about $1,000 to $4,000, anyone can purchase the necessary "crimeware" software and with little more than reading the included documentation or documentation readily available online, these criminals can remotely retrieve your information.
All of this may sound scary. Well, it is scary. On the one hand you certainly don't want to become technologically agoraphobic over this, but if keeping your private information private is a priority, then understanding how to protect yourself is important and it can be done rather easily by paying attention to certain key indicators when online, understanding how to respond if a virus is found on your computer, along with other techniques that you can implement now with your existing computers and software. The next article will detail these easy theft prevention techniques and show you how to keep your information secure.
(Bits & Bytes is a computer troubleshooting advice column provided by Zebis, a single point of contact managed service provider located on Sanibel serving clients worldwide.)