warcraft guild hacked, illustrates challenges to normal users

Sometimes you get painful lessons in what “normal” people think about computers and security. Sometime in the last 4-5 days my World of Warcraft guild’s guildmaster had his account broken into. The attacker logged into his account, raided the guild bank and his toon, then did a /gdisband (disbands the guild) among probably other things. Our GM wasn’t even in town, as he’s away at GenCon. Tough times. (And just as we’ve started our first few weeks of pulls on Illidan).

In correspondence with him subsequent to the event, I find out that he uses the same password/account for many sites and may have used one or two of them while at the con, including our guild forums which do not have SSL. Rut roh. Of course, this only adds risk, but this actual attack could have come from elsewhere for all we know so far.

He has a good idea about running rootkit scans, keylogger scans, and a personal firewall, but beyond those general concepts the thoughts of properly managing accounts, passwords, and operating on potentially hostile networks are a bit foreign.

Here’s another way to look at it: He’s getting to be ok in knowledge of his own computer, but the more boring concepts of security are falling by the wayside. Network knowledge is a whole different ballgame for most people, and deeper knowledge of how one interacts with the Internet is not as useful to most people as how they interact with their actual system.

Could this be fuel to the fire that says passwords suck? I don’t think so. Passwords, tokens, keys, digital IDs; they all need key management. I think this is fuel on the fire of teaching better key management, i.e. don’t use the same strong password everywhere.

While an annoyance to me, it is a good reminder not to look at normal people like they’re idiots because they don’t know SSL or the threats posed by WoW-related webpages, but to have patience and make an attempt to bring them up to speed.