CASES.LU

Glossary

  1. ▹ Antivirus
  2. ▹ Assets
  3. ▹ Authentication
  4. ▹ Availability
  5. ▹ Basic criteria for risk analysis
  6. ▹ Computer Hacks
  7. ▹ Confidentiality
  8. ▹ Control
  9. ▹ Cryptography
  10. ▹ Cybercrime
  11. ▹ Cybercriminals
  12. ▹ DRP – Disaster Recovery Plan
  13. ▹ Data backups
  14. ▹ Data loss
  15. ▹ Defacement
  16. ▹ Disinfect machine with a live CD
  17. ▹ Disposal
  18. ▹ Email
  19. ▹ Firewall
  20. ▹ Human error
  21. ▹ IDS/IPS
  22. ▹ Image rights
  23. ▹ Impact
  24. ▹ Integrity
  25. ▹ Internet and copyright
  26. ▹ Legal Aspects
  27. ▹ LuxTrust
  28. ▹ Malicious Codes
  29. ▹ Malicious websites
  30. ▹ Network segmentation
  31. ▹ Password
  32. ▹ Patches
  33. ▹ Phishing
  34. ▹ Physical faults
  35. ▹ Securing a fixed workstation
  36. ▹ Physical theft
  37. ▹ Recommendations for securing a file server
  38. ▹ Recommendations to secure a server connected to Internet
  39. ▹ Recommendations to secure a Web server
  40. ▹ Removable devices
  41. ▹ Risk processing
  42. ▹ Spam – unwanted emails
  43. ▹ SSL/TLS – encryption technologies on the web
  44. ▹ Update softwares with Secunia PSI
  45. ▹ Security Charter
  46. ▹ Social engineering
  47. ▹ Threat
  48. ▹ Virtual Private Networks (VPNs)
  49. ▹ Vulnerabilities
  50. ▹ Web of Trust - WOT
  51. ▹ Web filter – Proxy
  52. ▹ Why is it important to protect your computer?

Why is it important to protect your computer?

In brief

A virus can paralyse your computer – it will no longer function correctly and will have to be repaired. It is extremely annoying!

If, like most people who use the Internet, you believe this temporary loss of availability of your computer is the worst thing that can happen, you would be very wrong. This is just the tip of the iceberg. The real breadth of a digital attack only rarely comes into play. In almost all computers, cybercriminals can find “loot” with a high value. If they do grab this loot that you, as the legitimate owner, do not consider as being particularly valuable, this can lead to enormous damage.

The poster “You Are A Target” in the SANS Institute (based on the work of Brian Krebs) gives an excellent overview of the routes taken by these criminals in order to make money off your back.

Particularly sought-after are:

Usernames and passwords.

Cybercriminals access usernames and passwords using phishing emails or Trojan horses which record every keystroke the user makes. It is often even easier than that. If you use a password that is too basic, it can be “guessed” in a few seconds using special software or by a social engineering expert. Log-in data is highly coveted by ill-intentioned people, as it enables them to log in to online services in your name.

For example:

  • on your company’s servers to access confidential company data
  • with online banking sites to steal money from your account
  • on your online server to access data you have saved
  • on your online store to purchase items in your name and which will be billed to you
  • on your social media accounts, your email account or your chat programs in order to steal your online identity and use it for improper purposes

Private contacts

Cybercriminals collect names, email addresses and telephone numbers from people in your contacts list to sell them to third parties. These third parties will go on to use this data to send spam or phishing emails, thereby widening the scope of their criminal endeavours.

If your list of contacts includes people in the public eye or who occupy positions of responsibility in certain industries, criminals may also search these contacts in a more targeted way.

Sensitive communications

Do you have private or important professional discussions via email or chat? Criminals may also be interested in this content! You should know that email is not a suitable means of sending confidential data – especially secret data.

Virtual goods

Cybercriminals will look into anything that can make them some money. Intangible goods, such as software licences, operating system keys or games licences – all easy to copy and resell – very much fall under this heading.

Characters, objects and payment methods in video games, as well as high scores, can also be a lucrative source of income for cybercriminals.

Your financial situation

Once cybercriminals gain access to your computer, they can go through it seeking out valuable information. For example, information about your credit cards, tax data or investment plans. Depending on what they can find out about your financial situation, cybercriminals will decide whether or not to keep you within their line of sight.

Botnets are huge networks of compromised computers (also known as “zombies”) that are controlled externally and remotely. Without you even realising it, your computer could be part of such a network, and then used for sending spam or phishing emails to millions of users across the globe, or for carrying out distributed-denial-of-service attacks, which bring down whole websites and web services. Your computer can become a source of crime, even if you do not personally take part in any wrongdoing.

Your computer as web server

This is just as dangerous. Criminals can transform your computer into a web server that they go on to use to make illegal content available to others. The content may be:

  • phishing websites, which are used to steal log-in or access data to the e-banking services of unsuspecting users
  • attack tools used to compromise the computers of innocent third parties
  • child abuse and/or pornographic material, pirate videos and music

Your computer as a means for blackmail

One common modus operandi for cybercriminals at the moment is to infect their victim’s computer with malicious software (malware) and then offer to “clean” it up for a fee. Criminals can encrypt all the data on a computer using a method that only they can decrypt. In this case, the criminals will demand payment of a large sum of money to decrypt your data. If you do not pay, you will not be able to retrieve your data.

If you have visited problematic content, such as pornographic websites, or engaged in intimate conversations via webcam, criminals could have a record of your activities and demand money to avoid them publishing this information. If you are in the public eye, you need to be doubly careful to avoid this type of criminality.

How can I tell if my computer has been hacked?

It is difficult, if not impossible, for non-specialists to tell if their computer is infected once the malware has been well written. But there are still some clues to watch out for: perhaps your computer is running slower than usual? Has your anti-virus software flagged something up? When searching on Google, do you get redirected to other search engines? Have your friends mentioned any strange emails or messages they have received from you? Has your email account or any social network profile been blocked because it is distributing spam? Does your webcam come on automatically? Does advertising appear within your operating system, independently of any websites visited? Does your computer suddenly freeze while updating software? These are just a few examples of strange behaviour which should alert you to the possibility that your computer may be infected.

If possible, you should use a Live CD to scan your device. This process enables your computer to be analysed without starting up the main system, and is therefore perfect for anti-virus operations.

You are also recommended to back up your data, then reinstall your OS. If you need help, contact an IT specialist.

As always, the old adage holds true: prevention is better than cure! To minimise your computer’s vulnerability, apply technical protective measures as a prevention and adopt safe practices when browsing the web.

Table of Contents