ZDNet AnchorDesk: What can criminal hackers really do to your PC?

AnchorDesk

What can criminal hackers really do to your PC?

Robert Vamosi
Senior Editor, Reviews
Monday, Oct. 27, 2003

Add your opinion

Forward in

Format for

I get a lot of e-mail from readers asking what criminal hackers can and can't do to the average home PC. In most cases, I'd say home systems are fairly safe, if only because each computer is a needle in a giant haystack called the Internet. While the profile of the criminal hacker (for whom I prefer the term "cracker") suggests a young male who is both patient and obsessive, most of these individuals would rather stalk the big fish--university, government, and commercial systems--than your computer.

My recommendation

You can keep crackers at bay with a strong personal firewall like ZoneAlarm Pro.

I don't mean to say home PCs aren't targets. They are. Crackers keep track of IP addresses assigned by Internet service providers to dial-up, DSL, and cable-modem users. Some regularly scan those addresses, looking for PCs that are connected to the Net and that have known security vulnerabilities.

These lists of vulnerable computers are often traded or sold over the Internet, and help virus writers plant their viruses quickly. That's why it's important to use firewall software and keep all your applications updated with the latest patches.

ONE QUESTION I'm asked a lot is whether criminal hackers can turn on PCs remotely. The answer is no. A powered-off PC cannot be connected to the Internet, and crackers looking for vulnerable computers only see those that are online.

That's why a computer that is always on and connected to the Net via a cable modem or DSL is vulnerable to attacks. Always-on computers with static IP addresses are even more vulnerable, since a criminal hacker can get information about that system's exact hardware and thus launch a more effective exploit against it.

Dynamic IP addresses, which are assigned to your system when you log onto the Internet and rotate among an ISP's many customers on an as-needed basis, are much more common than static. Fortunately, dynamic IP addresses are less likely to be targeted, if only because they require a cracker to check that the system using a particular address is both online and vulnerable at the time of an attack.

I'm also asked if criminal hackers can access a computer's internal files. That depends. For this to happen, your system must have a remote-access vulnerability (such as the recent RPC vulnerability in Windows) or the cracker must have a password that allows access to your PC's hard drive.

Assuming a cracker did gain access to your hard drive, he or she would then need to know what software you are running and where your data files are stored. If you performed a typical install of the software, the files would be stored in predictable locations. But if you assigned these files to custom locations, a criminal hacker might not want to take the time to search through your directories to find and tamper with the files.

SO FAR I've spoken about active criminal hacking. But there are also more passive means available to crackers, such as automated tools that harvest personal data. I'm talking about Trojan horses--tiny apps that reside on your hard drive and send out information without your permission. Trojans often lie in wait within pop-up ads or download to your system from tainted Web sites. Sometimes they come attached to free software you download, or with music and video files you share over a peer-to-peer network.

I'd also include in this group keystroke loggers--programs that record what you type on your keyboard. Crackers can use these apps to obtain your passwords for online accounts or your credit card number.

Since these automated tools require very little effort on the part of a cracker, they are probably the greatest threat to your PC. It's more likely that some robot or Trojan horse would breech your system than a real, live individual would get access to your hard drive and steal your personal files.

ALTHOUGH I DOUBT crackers are attempting to break into your PC as you read this, there's always the possibility. That's why I tell everyone that, in addition to the hardware firewall that's included with your cable-modem or DSL router, you should use a software firewall to hide your PC's ports from remote scans. Such a firewall will also keep Trojan horses from sending out your personal data, whether it's the keystrokes of your online bank account password or a list of your system's hardware specs.

If you're worried about your PC's security, keep your applications up-to-date, and run antivirus and firewall software. Do this, and the chances a cracker could find or harm your system are slim.

What security measures do you take? Have you been hacked? If so, what happened? TalkBack to me below!

Special sponsor stores

Dell Home

Disaster Recovery
Many companies still ill-prepared for disasters Read the study at TechRepublic
10 items for your disaster recovery wish list We all have to address disaster recovery (DR) at various levels, but we typically must apply the technology to fit rigid parameters. But what if you didn't have any limitations to hold you back? Read the post at TechRepublic
From our sponsors
Disaster Preparedness
How to Develop a Business Continuity Plan Review a five step process to develop a comprehensive business continuity plan Click here to find out more!