While I applaud the publicity for the efforts of a local-ish (to me) researcher to study the patterns of computer hackers, I always cringe when press articles focus on money and personal info.
No question that getting into your bank account is a valuable thing for a hacker. Stealing your identity is theft one step removed: The hacker (or thief who buys the info. from said hacker) aims to steal your identity to steal from others.
My point is that it doesn't end there.
To wit: You could be flat, busted broke, and have a negative credit score, and hackers will still be interested in you as long as you have a functioning computer connected to the internet.
Here are just a few ways you can still be victimised, even when you think that you are "safe" because you're not Warren Buffet:
Spam - the original flavour. All the email addresses in your contacts list? Those can be stolen and spammed. I'm sure your Mom, your boss, and/or your BFF will all appreciate that...
Spam - now with new and improved Sleaze Factor(TM). If the hacker (or hacker's client) isn't spamming your friends with dodgy V1@gr@ or Nigerian Prince come-ons, they're trying to trick your contacts into infecting their own computers. (War story: The one and only virus that happened on my 2-year SysAdmin gig happened because a normally vigilant someone expected an email with an attachment and double-clicked it. Bottom line: It can happen to anyone. And I mean anyone.)
Spam - the social media version. If you have a social media account, those passwords can be sniffed and stolen. Love those sleazy DMs you sometimes get in Twitter or Facebook that are followed by an embarrassed apology from a friend who's just wrested back control over their account? Yeah, me neither. Want to be the one making those apologies to your aunt? Me neither.
Borgifying your computer. You may never think you have a fast enough CPU or half the RAM you could use. But believe-you-me, you have more than enough power to (unwittingly) help someone mine Bitcoins. And, holy moly, if you think your computer is slow now...
Borgifying your computer + bogarting your bandwidth. Remember the distributed denial of service (DDoS) attack that nearly took down the XBox network last Christmas? That dick move was brought to the world not only by hackers, but by hordes of infected computers (otherwise known as a "botnet.") Also, remember all that spam we were just talking about? Yeah, that's likely being pumped through compromised computers as well. Did Netflix streaming just sputter out? Oh, your ISP just billed you b/c you went over your monthly bandwidth ration? Sucks to be you...not to mention everyone else on the receiving end of your computer's shenanigans.
So, it could be just me being cynical about the human race (see afore-mentioned SysAdmin stint), but the whole "I don't have anything to hack" meme is being used as an excuse not to keep computers patched. And that, even a decade down the road from babysitting networks, just pisses me off.
As much as I despise the codified knee-jerk hysteria that masquerades as cybersecurity legislation, sometimes I wish that people could be legally barred from having admin. rights on their own computers after Computing While Lazy. Because when our digital lives are eating so deeply into our meatspace time, responsibility comes with the power to instantaneously connect with people all over the planet.
