If you’re a regular reader of our blog posts here at Empower IT, you’ll know we talk a lot about hackers, and how to ensure that your personal and business networks are safe from the many threats out there in the online world. So perhaps it’s time to take a closer look at exactly what hackers are actually doing with your data if they get their hands on it. After all, these shadowy figures have cost the Australian economy over a billion dollars between 2014 and 2015. And if we know what they are after and how stolen data is being used, we have a better chance of keeping data safe and knowing what to protect.
Well first of all, what hackers actually do with your stolen info depends entirely on the nature of the data they manage to get hold of. A quick look at any newspaper shows that all sorts of personal information can be compromised. Remember when thousands of Snapchat messages including those pictures of nude celebrities were hacked and posted on various internet forums in 2014? Such images can be sold or used for blackmail purposes. It’s not just credit card numbers that hackers are seeking. There’s a black market out there for everything. And this black market is where most hacked information ends up. In a highly sophisticated network of trading sites often in the deep web and unreachable by search engines, all sorts of personal data can be bought and sold for great profits.
Who’s buying and using this info?
There are a lot of buyers out there – identity thieves, organized crime rings, spammers and people setting up botnet operations. Spamming is the type of hacking that most of us are familiar with. If you’ve ever opened your email box to be greeted with 200 adverts for Viagra, well hard luck – you’ve been spammed and the spammer, a pretty low grade criminal, is getting paid should you click on any of those dodgy marketing links. Meanwhile, phishers out there are sending email loaded with personal information to trick you into clicking links so they can upload malware and then mine your data for bank account and credit card numbers.
What sort of information are they after?
Of course, credit card details, and passwords are still very much in demand by online criminals, the fresher the better as the price drops quite quickly as information becomes older. Twitter handles can be bought in bulk and are worth more than credit card details in some cases. This is because social media accounts act as gateways to additional data a criminal can get more use from. This trade in information is good for hackers as the more info they have from different sources, the better picture they have of their victims
But healthcare data is among the most sought after type of data. If a hacker manages to get hold of health records they have names, dates of birth, insurance policy numbers and diagnoses codes that can be used to buy equipment drugs or simply to get expensive health care. With the right information, it is also possible for criminals to make fake insurance claims, which can end up costing you thousands.
And what is the information worth?
It all comes down to numbers. A basic email address won’t fetch much and there are so many credit card numbers about that even this information sells for a couple of dollars. But remember, when hackers get into a big source of data they may be able to access millions of records at a time. Botnet operators can make even more if they are illegally controlling thousands of computers to create spam or get information about accounts and personal details. And they can also rent botnets out to other criminals by the hour. A worrying trend is that the price of botnets has dropped rapidly in recent years meaning that more and more criminals can use this sophisticated technique to harvest your data without having to spend much.
What’s the minimum amount of data that hacker and criminals can act on?
All a good hacker needs is an email address, at the very least they can hit you with spam. But what they really want is passwords, credit cards or any ID or social security numbers. With this they can start to steal your identity or at least put together a really good phishing scam. If this succeeds, you can have malware on your computer and many of these have keylogging software so hackers can easily get your usernames and passwords and then log onto your online accounts including bank accounts. If they get the last four numbers of a debit card, a clever hacker reset passwords on ecommerce sites and make purchases in your name.
Information worth hundreds of millions of dollars is traded on these cyber black markets each day and the industry is now said to be worth more than the illegal drugs trade. To make matters worse, there are plenty of “how to” guides out there teaching wannabe IT gangsters how to carry out their own hacks.
Salim Sukari, Director of Empower IT Solutions says, “We are all at risk of hacking which is why it’s vital you take every precaution to keep safe, by carrying out regular security evaluations both of your home computers and devices in your company. Hackers can cause a great deal of damage and nobody likes that feeling of being victimised. Make sure you stay safe and bring the experts in for advice.”