Attacking home computers 2

Why would anyone want to attack my computer?

Amateur attackers usually write and release viruses for their own amusement or to impress others. Viruses written by amateurs often behave in ways that make it apparent to the victims that their computers have been infected. Files may be deleted or moved. Images may be displayed. The infected computers may turn off at apparently arbitrary times and operate in other unexpected ways.

Professional attackers operate with the goal of making a profit. These attackers seek to profit from both the information on your computer and from the use of your computer itself. It may not be immediately obvious to victims that their computers have been infected. Victims may continue to use their infected computers indefinitely.

How could a professional attacker profit from the information on my computer?

There are innumerable ways that information from your computer can be converted into money. I’ll present several, but by no means all, of them here. Each of these scenarios assumes that an attacker has successfully run a malicious program on your computer.

A malicious program could silently monitor each web site that you visit. When you visit the site of a major bank, the program could record the username and password you type, each mouse click you make, and each screen that is displayed. It could then send that information to a waiting attacker. The attacker could then sell that information to criminals who could steal money from your bank account or, more likely, use it in a money laundering operation. Since the malicious program never interfered with your use of the computer, you may never know you’ve been infected.

Study Finds Hundreds of Stolen Data Dumps

A malicious program could email each person in your address book with a message indicating that you have been arrested in a foreign country and need them to wire you money. The messages would appear to have come from you. Alternatively, the program could request that the recipient download an important attachment. The attachment could be a malicious program that attempts the attack described in the previous scenario.

A malicious program could encrypt all of your documents and attempt to extort money from you to recover them.

File encryption extortion scam

Kaspersky to try to crack code used in ‘blackmailer’ virus

How could a professional attacker profit from the use of my computer itself?

Professional attackers often use victims’ computers to attack other computers, especially high value targets such as commercial or government web sites. Each of these scenarios assumes that an attacker has successfully compromised your computer, though you may not know it.

A malicious program could contact a waiting attacker to let the attacker know that the computer is compromised and ready to accept commands. The attacker could wait until enough computers have been compromised and combine them to form what’s known as a botnet. The attacker could disrupt a commercial web site by instructing all of the computers in the botnet to repeatedly visit it at the same time, preventing legitimate visitors from using the site. The attacker could then extort money from the company that runs the site by threatening future disruptions at strategic times, such as immediately before a major holiday or sporting event.

Alleged Botnet Crimes Trigger Arrests on Two Continents

Dutch Botnet Bigger Than Expected

Instead of attacking a commercial site, an attacker could use your computer to send a large amount of spam.

Perhaps an attacker wants to break into a target that has the resources to respond, such as a commercial or government web site. The attacker could use your computer to attack the target. Your computer will then appear as the source of the attack, rather than the attacker’s computer. If the malicious program deletes itself when the attacker is finished, you may have a difficult time explaining why your computer was the source of an attack.

How can I protect my computer against attacks?

My post on Basic home computer security makes non-technical recommendations that you can follow to enhance the security of your home computer. For basic technical recommendations, consult my post on Intermediate home computer security.

2 thoughts on “Attacking home computers

  1. Nick Dec 20,2008 2:21 pm

    You should also mention that a virus can do anything you can do; so even though Windows Vista blocks “Spyware” (and every other installed program) from accessing the internet without your permission, you’re still not safe. A virus could “click” the “Allow” button without you ever knowing that anything happened and without it ever having moving your mouse.

  2. Nick Dec 20,2008 2:21 pm

    And if you really want, you could mention that in popular distributions of Linux, in order for software that is not on the “trusted” (not created by the user) list to access the internet you need to type in a password (it hides what you’re typing from processes when typing in a password). ;)

Comments are closed.