Don’t be “pwned” - InfoSec 101
November 7, 2011
Posted by Chris Mark in Uncategorized.
Tags: Chris Mark, InfoSec, risk management
“Pwned” is a term that originated in online gaming and has been adopted by hackers. It is pronounced ‘owned’, and the origin of the misspelling is not important, but you can read about it here. At a high level, to be pwned means to be controlled. If your 15 inch MacBook Pro laptop is infected with a backdoor program, it is fair to say you have been pwned. Back Orifice (a play on MS’s Back Office) is one of the original backdoor programs. Why is this important?
Companies and people are often under the mistaken belief that cyber criminals are only interested in servers that contain sensitive data. In truth, user systems often contain valuable information. Users often store usernames and passwords on their desktops and laptops. Additionally, users often use their email to freely discuss information that can provide significant value to an adversary. Consider a situation where an executive is discussing new product plans for an upcoming iteration. Competitors (unethical competitors) would value this information. It is estimated that intellectual property theft costs the UK 27 billion pounds annually.
On another note, law enforcement may also have an interest in what is on a personal computer. While laws vary, under the right circumstances, law enforcement can also track activity on personal computers. While EU laws are much stricter in this regard, some US companies also track user behavior. Installing tracking software that can record screenshots, keystrokes, and email is a relatively simple process. While being lawfully monitored and being pwned are not the same, the technologies used are similar.
How do you know if you have been pwned? Well… most of the time you won’t, unless the other side wants you to know in order to send a message. Often, anomalous activity on your system can be an indication that it is infected with some form of malware. BlueCoat estimated in 2010 that 48% of systems were infected with malware. Recent estimates have put the figure as high as 80%.
So what to do? Ensure that you use your work system for work and are careful about emailing sensitive info on an ‘untrusted’ system. Ensure that you keep your system updated with malicious software protection. Ensure you use a firewall with appropriate rules. Use complex passwords. It is important to remember that once your system is ‘owned’, it is very difficult to repair it and have confidence in the system’s security.