The traditional data files on your laptop – spreadsheets, pictures, reports, and more – are valuable, and vulnerable.
But that’s not all. Many laptops will give an intruder the keys to other parts of your organisational castle, too.
Cached online passwords, transient data saved in your swap or hibernation files, ghostly remnants of previous login sessions in temporary directories – these can be worth even more to a hacker than your whole email history or your sales plans for next year.
And it’s not just skilled hackers who can extract this sort of information from a lost or stolen hard drive. Hackers and programmers generally have a reputation for being rather a lazy lot – once they’ve had to repeat a gruelling or boring technical task a couple of times, and they know and understand the procedure they need to follow, they’ll write software to automate the job.
That way, if they ever need to perform the task again, they escape the boring parts. They simply fire up the software they wrote before, and leave it to do the work. This frees them up so they can spend time writing yet more software to automate other tasks they’ve come to find boring.
So even unskilled cybercrooks can become password and network hackers, by acquiring and using automation tools written by experts. Many of these tools are open source, free to everyone. Those cybercrooks who don’t feel like sifting through your data themselves can simply sell it on to someone else.
To learn more about the “ghost in your laptop”, join Sophos Data Security Specialist Peter Lee for a free webinar, as he demonstrates what’s really at stake, dissecting an offline laptop disk to show you what’s there to be found.
You will learn:
- How easy it is for someone to extract and crack Windows passwords from a stolen laptop.
- Just some of the many places important passwords are stored insecurely.
- Why the data leakage risk extends beyond data files.
- Why remote access portals and VPNs are at risk from stolen laptops.
- What you can do to protect yourself, your data, your systems and your organisation.
Date: Thursday 04 November 2010
Time: 11:00am to 12:00 noon, Australian Eastern Daylight Time (UTC+11)
Cost: Free (but you need to register in advance)
(For those of us who care about clarity: 2010-11-04T11:00:01+11, or 2010-11-04T00:00:01Z.)
Are you in Hong Kong, Singapore, Malaysia, Philippines, Perth, or somewhere else in that part of the world? We’d love to have you along – the starting time in your timezone is 8am on Thursday 04 November 2010.
And if you’re on the US or Canadian West Coast, please feel free to join us too – for you guys, the webinar kicks off at 5pm on the day before, Wednesday 03 November 2010.
4 comments on “Laptop password cracked in 10 minutes – learn how!”
Signed up. Being a UK-based user I'm in for a late one!
btw: It added to my calendar as 00:00-01:00 on Thu 4th (local time).
I'm guessing it should be 22:00-23:00, as by then we'll be in GMT (=UTC).
I think that midnight is correct (apologies for the inconvenience). The 11am start is based on Sydney time – we are already into daylight saving, and are at UTC+11. By next week, the UK should be back to a wintry GMT, and thus sitting 11 hours behind Sydney.
PS: on a point of order, GMT != UTC. The difference can be up to a second 🙂 UTC is readjusted towards mean time every so often with a leap second.
it is scary that you even know that… 🙂
Will the session be recorded/available later ?