ad info

 
CNN.com  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
 
 

 
TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

TOP STORIES

More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections

(MORE)

MARKETS
4:30pm ET, 4/16
144.70
8257.60
3.71
1394.72
10.90
879.91
 


WORLD

U.S.

POLITICS

LAW

ENTERTAINMENT

HEALTH

TRAVEL

FOOD

ARTS & STYLE



(MORE HEADLINES)
*
 
CNN Websites
Networks image


Hacker attacks: You can never be too safe

PC World

(IDG) -- The hacker front has been just a bit too quiet lately. We haven't had a splashy denial-of-service (DoS) attack since February when Yahoo and eBay were hit. The Love Bug, launched around Mother's Day, was the last really bad outbreak (although lots of lesser threats are released every week).

Could it be that our nation's young computer brainiacs have decided to spend less time hacking and more time chasing sports or the opposite sex? Probably not, say security experts.

Microsoft's recent attack may not be the work of youthful cybervandals, however. Reports that the intruders enjoyed undetected access to Microsoft's network for nearly two weeks bolsters some security experts' observation that those were not curious kids.

  MESSAGE BOARD
 

"These people knew where they were going," says Michael Erbschloe, vice president of Research at Computer Economics. "If someone has source code, they will have an easier time breaking into other Microsoft-based systems in the future."

Don't be fooled just because the Microsoft trespassers apparently used the Qaz Trojan, a widely available program for taking control of a PC. That may literally be a Trojan horse, so Microsoft would think the recent hackers were young adventurers.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  PC World home page
  Make your PC hacker-proof
  On the front lines of the anti-hacker war
  Inside the world of a 'hactivist'
  Reviews & in-depth info at IDG.net
  E-Business World
  TechInformer
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletters
  Search IDG.net in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

Trojans gather at the gates

You're likely to see the Qaz Trojan again soon, says Troy Billington, a network security consultant for the Florida-based ISP Kcl.net. It already has infected thousands of PCs in the Miami area alone, Billington says.

Another low-profile but serious threat is the VBS.Kak worm, which is wriggling through PCs, harvesting their information, and sending data back to its originators.

Those are just two of the common Trojans being busily planted by hackers in anticipation of a year-end blowout, says security consultant Jim Weaver, owner of Cyber Resources. The sources he monitors indicate that hackers are seeking out millions of vulnerable PCs to control like zombies in a sizeable denial-of-service attack on a popular Web site this year, Weaver says.

The upshot is, hackers are definitely up to something, Weaver says. He spots would-be Trojan planters scanning the ports of his own systems 80 to 100 times each day. "They are just biding their time and building up," Weaver says.

Targeted attacks expected

The next big DoS attack could be "legitimate," perhaps an orchestrated protest, Billington suggests. The attack might be disguised as typical request that's exaggerated, so it cripples a particular site or company, he adds.

For example, one or more political action groups will simply get all their members to simultaneously request the same GIF file from a target Web site, or deluge some high-profile business with e-mail, says Billington, who operates the DoSHelp.com Web site for denial-of-service victims.

Neither Weaver, Billington, nor several other security experts have much faith in the inviolability of the 128-bit Secure Socket Layer encryption that protects Internet financial transactions. Both Billington and Weaver report hackers tackling 128-bit encryption by trying to get enough computers hooked together to crack SSL.

Other targets are Web Application Protocol (WAP) used on personal digital assistants and mobile phones, and the XML page-description language, which is moving to replace HTML on Web servers.

Virus threats surpass PCs

The passwords typically used to protect financial files and entry to company LANs, intranets, and extranets usually pose only a minor hacking challenge, experts say. They expect computer security problems will increase dramatically as the Internet becomes a more prevalent feature of PDAs, mobile phones, and pagers, and migrates to video game consoles and TV.

"There are many times more cell phones and pagers than computers, and once hackers get into a consumer device at any level, they can initiate communication," warns Paul Robertson, a senior developer at ICSA.net, a security consulting organization. "My pager can run programs. Imagine what will happen when your refrigerator is Internet-enabled for ordering groceries."

Consumer-oriented electronics industries are still learning about virus protection, and it isn't yet part of their infrastructure, Robertson says. Current security measures for those devices may simply not yet be sufficient, Robertson warns.

The world shrinks

Security for the digital devices in your home and office is really only as good as law enforcement in, say, China or the Philippines, experts point out.

That's because prosecution often must occur under the laws of the country where the crime is perpetrated. The Qaz Trojan, for example, originally opened a back door to your PC and broadcasted data back to its creator--in China. The Philippines, on the other hand, is the suspected birthplace of the I Love You virus (or Love Bug), one of the most destructive viruses ever released and a great example of hacker resourcefulness, says Erbschloe.

The Love Bug isn't a particularly innovative piece of programming, Erbschloe says. But putting an "ILOVEYOU" message--or one of its 40 variants--in an e-mail subject line around Mother's Day really tapped a human vulnerability. It enabled the Love Bug to hop across an estimated 55 million PCs in its first 24 hours in the wild and simply outrun the antivirus software writers who were chasing it.

The experience cost businesses $6.7 billion during Love Bug's first five days on the loose, Computer Economics estimates. The total hit $8.7 billion by the time the virus was tamed. Watch for a "Happy Thanksgiving" or "Merry Christmas" virus as the calendar ticks down, say Erbschloe and other security analysts.

Is your welcome mat out?

So, how susceptible are you to these attacks? The short answer for most people is "very," say the experts.

You can reduce your vulnerability to a negligible amount if you frequently update your antivirus and firewall software, turn off your broadband connection when not using it, and scrupulously avoid chat rooms, Usenet news groups, and e-mail (especially with attachments) from strangers.

But almost 45 percent of those who log onto the Internet regularly still don't have antivirus software engaged, even when it's installed, according to a recent audit of home-based PCs by PC Data. Those surfers are totally exposed.

PC Data didn't measure the number of home PCs with personal firewall software. But that software strategy is still fairly young, so it's likely to be low. At the same time, the number of always-on home broadband connections that need firewall protection is rising faster than expected. Computer Economics projects cable modems and DSL lines in homes will quintuple from about 8 million this year to about 43 million in 2005.

Mischievous surfers on the waves

In the meantime, the hackers are out there, surfing and searching, with varying degrees of skills and success, for their next targets.

Using automated tools, hackers scan large numbers of IP addresses to find PCs with open ports where they can plant BackOrifice, BrownOrifice, or other Trojans. These programs allow the intruders to control a PC and enlist it for denial-of-service attacks.

They're succeeding. The ports on four out of ten PCs have a Windows File Share vulnerability that opens the computers to infiltration, according to according to authorized scans of PCs conducted by The Symantec Antivirus Research Center (SARC).

Unless you're electronically updating your PC's antivirus and firewall components regularly, their efficacy is in serious question. But even an update as recent as 24 hours prior wouldn't have protected many PCs from the fast-moving LoveBug, Erbschloe points out.

Electronic trespassing is really a psychological game, he says. Virus hoaxes also are on the rise, and hackers sometimes use them before a real viral release to get potential victims to let down their guard.

Viruses infect the workplace

Meanwhile, back at the workplace, viruses are spreading with vigor. The number of companies reporting computer virus infections rose by more than 20 percent during the past 12 months, according to ICSA.net's sixth annual virus tracking study. Two-thirds of the 850,000 company PCs that ICSA.net polled had experienced file problems caused by viruses during the past 12 months, compared to 50 percent during the prior year.

Forty percent of the companies interviewed actually lost data in the past year--a 23 percent increase from the previous year. The price of virus infection is also rising: Cleaning up costs between $100,000 and $1 million per company per year, ICSA.net says.

Computer Economics estimates that virus infections will cost all companies a total of about $17 billion in ruined PCs and lost productivity before the end of this year. And that's assuming that infections remain routine and don't include another really serious outbreak like the Love Bug.

Ongoing battle

Staving off hackers and halting viruses is not just a matter of combating individual outbreaks. Today, PC users must be concerned with the cumulative weight of so many bad actors out in the wild. SARC has counted some 48,000 viruses, worms, Trojans, and other forms of malicious code at large, and the count grows by about a thousand each month. Downloading the latest antivirus definitions involves a file that averages 4 megabytes in size.

"The problem is that, just like real viruses, we can't stamp out computer strains," says ICSA.net's Robertson. "Viruses never go away, and what we don't need is 1 million virus signatures in virus scanners."

Security experts agree the technological advantage continues to swing back and forth between themselves and hackers. The security consultants expect to have jobs for life. (So, perhaps, do their adversaries).




RELATED STORIES:
Hackers attack Microsoft network
October 27, 2000
Senate committee approves watered-down anti-hacker bill
October 10, 2000
Hacker warns Nasdaq.com of security holes
October 3, 2000
Hackers reject $10,000 offer to break code
September 18, 2000
New denial-of-service attack tool uses chat programs
September 6, 2000

RELATED IDG.net STORIES:
Symantec offers Web-based PC checkups
(PC World)
Microsoft stung by hack attack
(Computerworld)
Cyber-insurance policies cover hack-related losses
(NW Fusion)
Inside the world of a 'hactivist'
(Computerworld)
On the front lines of the anti-hacker war
(The Industry Standard)
DoS attack tool uses relay chat
(NW Fusion)
Would you hire a hacker?
(CIO)
Make your PC hacker-proof
(PC World)

RELATED SITES:
DoSHelp.com
TruSecure Corp.
Symantec AntiVirus Research Center
Kcl.net

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

 Search   

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.