TOM JEWKES

Peanut butter and jam sandwiches remind me of Star Wars. Let me explain. When Star Wars, A New Hope came out in theaters in May 1977, I was six. I didn’t see it in theaters. At that time, our family really didn’t go to the movies. My dad only liked drive-in theaters, and as they were beginning to drift out of the culture, so did our movie-going.

While Star Wars was a box-office smash-hit, the real hit was in merchandise. There again, I got the short end of the stick. I didn’t have any action figures, or tiny X-Wing miniatures. I had stickers — a couple. One was a Jawa. And I proudly plastered both of them to the inside of my Evil Knievel lunch box — a metal one.

Every day, I’d eat my PB&J sandwich, and look at those stickers, envisioning I had actual action figures from the movie. It was very emotional for me. I was longing for something I might never obtain.

I don’t eat peanut butter and jam sandwiches much anymore. But I still love them. The downside of eating a PB&J sandwich for lunch at school was the jam-side of the bread had soaked up the moisture from the jam and got soggy. A fresh PB&J is much more enjoyable. You could say the jam makes the sandwich “perishable.” Because PB&J is easy to get, and perishes quickly, the value of one in dollars is small.

The value of original Star Wars toys on the other hand, now they have value. They are more rare and not very perishable. You can find specimens still sealed in their original packaging, and they are worth far more than a soggy PB&J.

The Dark Web (the black market for digital information) has its own version of the PB&J. It too is determined by perishability. Credit card numbers are the most perishable, since they can usually only be used once and then are abandoned by the credit card company. So, the value of a credit card number is about a dollar. It’s the black market PB&J.

Your health information on the other hand … now we’re talking. Health information is like a new-in-the-box Millennium Falcon, circa 1979. A complete health file for an individual can fetch hundreds of dollars, or even up to $1,000, because health insurance is expensive, and health data doesn’t change much. So, if you were a criminal, where would you focus your efforts? This explains why clinics and dentist offices are squarely in the crosshairs of these crooks.

The critical data you use in your daily business varies in value on the black market of the Dark Web. It is the value of your critical data, not the size of your business, that really determines if you are a target for ransomware or other malware. If you handle data like social security numbers or driver’s license numbers (known as PII), you are handling pretty valuable data. Additionally, if you are in the medical field, you are sitting on some pretty valuable loot (known as PHI). Even if you store it with a cloud provider, you are still a target.

This is what most people don’t think about when using a cloud provider. The data also sits temporarily in the memory of your computer. Some malware will (after infecting your computer) scrape through your computer memory looking for PII and PHI.

In addition to PII and PHI, some cyber crooks also steal your customer contact information. They will use it to craft a social engineering attack against the customer, using your business as a cover. When that happens, your reputation will be damaged. You don’t want that.

I’m grateful that as a young and poor Star Wars fan, there were inexpensive stickers. I had to make do with what I could get. Cyber criminals do that too. They will take any data they can get. You may not think you have any data of value to the criminal underworld of the Internet, but to them, everything can turn a profit — even a soggy PB&J.

Co-written by Dan Gavin and Tom Jewkes, the cyber guys from CyberEye. An archive of past articles can be found at www.cybereyeaw.com/blog Contact us at gavin@cybereyeaw.com and tom@cybereyeaw.com