Codeangels Solutions GmbH

The Wrong Feeling of Security
Today, in the age of broadband connectivity, people and organizations connected to the Internet suffer from two very common misconceptions. The first is the feeling that no one is interested in or even knows about your network or your single private computer, the "I-am-not-valuable-or-known-enough-for-an-intruder" syndrome. The second is the feeling that security can be achieved in a "plug and play" manner, which most commonly means installing a firewall box between your network or computer and the Internet.

"I will not be attacked/hacked because I am not valuable enough and no one knows I am out there."
Even if you think that your system possesses no information that would be interesting for an intruder, you still own two items of great value to the "black hat" community: your computer system(s) with its resources (disk space, CPU) and your Internet connection/bandwidth. The reasons why other people want these can range from a desire to win competitions such as those listed at distributed.net, through misuse of your system resources for sharing illegal content, to using your system(s) as a launch platform for more serious attacks such as DDoS or spam.

While many if not most attackers come for the reasons outlined above, once they penetrate your system they will often also take a look at your data and sometimes use it to their advantage or sell it to third parties.

As to being unknown: while real "hackers" are still rare, today it is easier than ever for anyone who is really interested to exploit known security holes in the various systems. These common holes are well known, and information on them is freely published on sites such as CERT or SecurityFocus. A wide range of easily accessible tools allows even the most novice computer user to become a "script kiddie", a person who uses hacking tools without understanding how those tools work. These tools are all available, and a short search on Google or a site such as Astalavista will bring them to anyone. The people who use these tools usually do not attack one specific system; they scan whole network ranges for vulnerable machines. Another serious threat is the spread of Internet worms, also known as autorooters, which need no human interaction at all: they multiply by infecting vulnerable systems on their own, and the person who released the worm can sit back and wait until the infected machines report back to him.

Because of the above, no one can say, "Well, my system is new, no one knows I am there, and nothing will happen to me." The rule of thumb is this: if you are connected to the Internet, you are under attack. Our own experience shows that a brand new system, unknown to anyone, will be probed for holes within the first 20 minutes after it is connected to the Internet. We record between 40 and 300 attacks per day on the IP addresses of non-existent systems in our network, which shows how persistent and broad these scans are. Another example is the experience of the Honeynet Project, whose systems were probed and hacked within 15 minutes of being connected to the Internet.
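The observation above, that addresses belonging to no real host still receive attack traffic every day, is easy to turn into a detection check of your own: any packet sent to an unused address in your netblock is, by definition, not legitimate traffic. The following script is an added example and not Codeangels' tooling; the netblock, the list of allocated hosts and the iptables-style log lines are all constructed for the demonstration.

```python
"""
Added example (not from the Codeangels article): tally connection attempts
aimed at IP addresses in our netblock that are assigned to no host at all.
Such addresses receive no legitimate traffic, so every packet addressed to
them is a probe, and a source touching several of them is scanning the range.
The netblock, host list and log lines below are constructed, not real data.
"""
from collections import Counter
import ipaddress
import re

# Constructed: the public /28 the example network owns, and the addresses
# that are actually assigned to real hosts.
NETBLOCK = ipaddress.ip_network("203.0.113.0/28")
ALLOCATED = {ipaddress.ip_address(a)
             for a in ("203.0.113.1", "203.0.113.2", "203.0.113.5")}

# Constructed iptables LOG-target lines (syslog prefix followed by key=value fields).
SAMPLE_LOG = """\
Mar 10 02:14:07 fw kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.9 PROTO=TCP SPT=40111 DPT=445 SYN
Mar 10 02:14:09 fw kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.10 PROTO=TCP SPT=40112 DPT=445 SYN
Mar 10 02:14:11 fw kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.11 PROTO=TCP SPT=40113 DPT=445 SYN
Mar 10 08:30:45 fw kernel: IN=eth0 OUT= SRC=192.0.2.33 DST=203.0.113.2 PROTO=TCP SPT=51000 DPT=443 SYN
Mar 10 21:02:13 fw kernel: IN=eth0 OUT= SRC=192.0.2.75 DST=203.0.113.13 PROTO=TCP SPT=6000 DPT=22 SYN
Mar 11 01:00:02 fw kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.14 PROTO=UDP SPT=53 DPT=1434
Mar 11 03:15:00 fw kernel: IN=eth0 OUT= SRC=192.0.2.75 DST=203.0.113.1 PROTO=TCP SPT=6001 DPT=80 SYN
"""

SYSLOG_DATE = re.compile(r"^(\w{3} +\d{1,2}) \d\d:\d\d:\d\d ")


def parse_line(line):
    """Return (date, src, dst, proto, dport) for one LOG line, or None if it does not parse."""
    m = SYSLOG_DATE.match(line)
    if not m:
        return None
    fields = dict(tok.split("=", 1) for tok in line.split() if "=" in tok)
    try:
        return (m.group(1),
                ipaddress.ip_address(fields["SRC"]),
                ipaddress.ip_address(fields["DST"]),
                fields["PROTO"],
                int(fields["DPT"]))
    except (KeyError, ValueError):
        return None


def darknet_probes(log_text, netblock=NETBLOCK, allocated=ALLOCATED):
    """Yield parsed records whose destination is inside our netblock but belongs to no real host."""
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        dst = rec[2]
        if dst in netblock and dst not in allocated:
            yield rec


def probes_per_day(log_text):
    """Daily count of packets sent to unused addresses (the figure the article reports)."""
    return Counter(rec[0] for rec in darknet_probes(log_text))


def scanning_sources(log_text, min_targets=2):
    """Sources that touched at least `min_targets` distinct unused addresses: a horizontal scan."""
    targets = {}
    for _date, src, dst, _proto, _dport in darknet_probes(log_text):
        targets.setdefault(src, set()).add(dst)
    return {str(src): len(dsts) for src, dsts in targets.items() if len(dsts) >= min_targets}


if __name__ == "__main__":
    for day, n in sorted(probes_per_day(SAMPLE_LOG).items()):
        print(f"{day}: {n} probes to unused addresses")
    for src, n in scanning_sources(SAMPLE_LOG).items():
        print(f"{src} scanned {n} unused addresses")
```

Run against a real firewall log, the daily counter gives the same kind of baseline the article quotes, and a source that appears in `scanning_sources` before it ever touches a real host is worth blocking at the perimeter before it finds one.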

"Even if I am attacked, there's nothing that can be stolen and no damage can be done to me."
How about the stolen identity and reputation of you or your company? If someone manages to penetrate your system and uses it to perform further attacks on other computers, those who get attacked will view YOU as the "black hat".

Sooner or later an attacked party will file a complaint or even report your system to the authorities. The results can be quite unpleasant: many Internet service providers will cut your Internet connection without warning after receiving several complaints, and some of those ISPs will also refuse you as a customer afterwards. A report to the authorities can result in even more problems. Would you like your system to be used as a platform for attacking military, government, or financial systems? Those attacks will most probably be noticed, and it is YOU who will be viewed as the attacker.

Illegal content served from your server can result in anything from copyright owners' complaints in cases of pirated content to police involvement in other cases.

Usage of your system as a launch platform for spam mailings can land you on the "spam blacklists". Systems listed in these lists are considered to be sources of spam mailings, and this can cause your valid e-mails to be labeled as spam on remote systems. Often this will result in your mails being simply deleted without reaching their recipients.

And finally: While it is not very common, attackers can destroy the contents of your disks. If you perform no backups, all of your data will be gone. Many people and businesses realize the value of the data lost only after it is too late. We strongly advise everyone who thinks that their data is not important to rethink their position on this issue.

Plug and Play Security
A very common misperception today is the belief in "plug and play" security, that is, the belief in a magic "silver bullet" device that will protect a person or organization connected to the Internet from the dangers it holds. This device is most commonly known as a firewall. The marketing departments of the companies producing these devices tend to reinforce that faith by promoting the feeling that their products protect from all the evil out there. It would be nice if this were true, but unfortunately the reality is not that simple. A firewall is a tool, one of many tools that help to secure an organization's or a person's IT resources. The purpose of a firewall is to protect from certain types of threats, and this protection is only given if the firewall is carefully deployed and maintained. Most firewalls offer protection from "active" attacks, in which the attacker actively tries to exploit your system by connecting to it from outside. The level of protection varies, depending on the firewall's type and configuration and on the network resources being protected.

While active attacks can be considered a serious threat, they are in the minority when compared to "passive" attacks. These are attacks in which information or harmful content is requested from within your protected network, and that very same content is then used to attack your systems.

The "passive" threats include viruses, spyware, custom-tailored attacks on applications such as a number of known DNS-based attacks, and many more. Such threats usually cannot be eliminated, or even detected, by firewalls. In addition, many organizations and individuals make the mistake of blindly trusting their firewalls and leaving the systems behind them wide open and unsecured. The fact is that no firewall is impenetrable. An error in configuration or software can open a hole in your firewall system and thus lead to a quick compromise of the whole IT infrastructure. The same may happen in the most dangerous situation of all, when the attacker is an "insider," a person from within the company with malicious intent.
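The distinction between "active" and "passive" attacks drawn above comes down to what a stateful packet filter actually looks at: the direction in which a connection was opened, not what travels inside it. The toy filter below is an added example written for this article, not a product's code; the hosts, ports, packets, the "exploit" payload string and the signature list are all constructed. It drops an unsolicited inbound connection, accepts the reply to a connection a protected host requested regardless of its content, and then shows how a separate content-inspection layer, one of the additional countermeasures the text calls for, closes that gap.

```python
"""
Added example (not from the Codeangels article): a toy stateful packet filter
that illustrates the limit the text describes.  Unsolicited inbound
connections ("active" attacks) are dropped; replies to connections that a
protected host opened are accepted, payload and all, so harmful content fetched
from inside ("passive" attacks) passes the firewall unexamined.  Every address,
port, payload and signature below is constructed for the demonstration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    sport: int
    direction: str      # "in" = arriving from the Internet, "out" = leaving the protected LAN
    syn: bool           # True for a connection-opening packet
    payload: str = ""   # application data; the stateful filter never looks at it


class StatefulFilter:
    """Default-deny inbound, allow outbound, allow return traffic of tracked flows."""

    def __init__(self, published_ports=()):
        self.published_ports = set(published_ports)   # services deliberately exposed inbound
        # Tracked flows, keyed from the LAN side: (lan_host, lan_port, remote_host, remote_port)
        self.flows = set()

    def decide(self, p):
        if p.direction == "out":
            if p.syn:
                self.flows.add((p.src, p.sport, p.dst, p.dport))
            return "ACCEPT"
        # Inbound: part of a flow the inside asked for?  Content is NOT inspected here.
        if (p.dst, p.dport, p.src, p.sport) in self.flows:
            return "ACCEPT"
        # Inbound connection to a service we chose to publish?
        if p.syn and p.dport in self.published_ports:
            self.flows.add((p.dst, p.dport, p.src, p.sport))
            return "ACCEPT"
        return "DROP"


class ContentFilter:
    """A separate layer (proxy/antivirus style) that inspects what the firewall lets through."""

    def __init__(self, fw, signatures):
        self.fw = fw
        self.signatures = list(signatures)

    def decide(self, p):
        verdict = self.fw.decide(p)
        if verdict == "ACCEPT" and any(sig in p.payload for sig in self.signatures):
            return "DROP"
        return verdict


def run_scenario(inspect=False):
    """Replay one active and one passive attack; return the verdict for each step."""
    fw = StatefulFilter()                      # nothing published inbound
    if inspect:
        # Constructed signature: stands in for whatever a real content scanner matches on.
        fw = ContentFilter(fw, signatures=["<constructed-exploit-marker>"])
    verdicts = {}
    # Active attack: unsolicited connection from the Internet to a LAN file share.
    verdicts["active-probe"] = fw.decide(
        Packet("198.51.100.7", "192.168.1.10", 445, 40111, "in", True))
    # Passive attack, step 1: a LAN user requests a page from a malicious site...
    verdicts["lan-request"] = fw.decide(
        Packet("192.168.1.10", "203.0.113.66", 80, 51000, "out", True))
    # ...step 2: the server's reply carries harmful content, but it is return
    # traffic of a flow the inside opened, so the stateful filter accepts it.
    verdicts["malicious-reply"] = fw.decide(
        Packet("203.0.113.66", "192.168.1.10", 51000, 80, "in", False,
               payload="HTTP/1.1 200 OK ... <constructed-exploit-marker> ..."))
    return verdicts


if __name__ == "__main__":
    print("firewall only:       ", run_scenario())
    print("firewall + inspection:", run_scenario(inspect=True))
```

The first run shows the firewall doing exactly what it is built for and nothing more: the probe is dropped, the requested content is delivered. Only the second run, with the additional layer, stops the passive attack, which is the point of the article's closing argument that a firewall is one countermeasure in a plan, not the plan itself.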

Security is not achieved by installing a firewall or any other device. It is achieved by creating a security plan that identifies the assets to be protected and the possible threats to them, and that defines a number of countermeasures against those threats, possibly including, but not limited to, firewalls.