Hack attack, how you might be a target
By Pia Turunen
LONDON, England (CNN) -- Imagine waking up one morning to discover all your personal information has been stolen.
Your bank account has been cleaned out. The project you have been working on for the past six months has vanished. Your e-mails have been infected with a virus that has copied itself to all the people you have ever exchanged e-mails with. You try to make a call but your mobile phone's address book has been deleted remotely.
Then things start to get really bad.
The computer system protecting your house no longer recognises you because the data containing your retina scan has been stolen. Now you are barred from your home, so you alert the police, but they are very keen to talk to you about your recent credit card purchase in Panama.
It sounds like technophobe's worst nightmare, but it could be reality.
In America, the FBI reports that cybercrime is rising, costing individuals and businesses billions of dollars. And the war on this kind of crime seems hard to win.
Marius Nacht, Senior Vice President at Israeli security technology company Check Point, says: "There is no easy way to say this, but if your PC is connected to the Internet, there is someone trying to attack it within 15 minutes of the connection being made."
Hackers are not looking for individuals, they are looking for any vulnerable computers.
Sometimes computer users are helping the hacker unknowingly. Most people do not use complex methods to protect personal information because most people think they have very little a hacker might want.
So they use their birthday as a PIN code to access bank accounts, mobile phones and other personal information, to make it easier to remember.
A recent survey from U.S. security company Pentasafe suggested most people do not know how to set up a password that cannot be easily worked out. Pentasafe's marketing director David Blackman said: "Hackers work very logically. Once they uncover one password to the PC, getting the one to the cash point isn't rocket science. There is software available on the Internet which can calculate passwords."
Even a well chosen password may not be enough to protect digital information as some hackers use sophisticated methods when trying to break into our computers.
Hackers can often get confidential information effortlessly, according to Neil Barrett, digital crime expert at International Risk Management, a London-based security consultant.
"The most likely way for bad guys to break into the system is through social engineering. This involves persuading administrators or telephonists to give details of passwords or other things by pretending to be staff, suppliers or trusted individuals -- even police officers. They could be even masquerading as a computer repair man to get an access to the premises."
Social engineering a devastating weapon in the hacker's armoury. It targets and exploits computer network's most vulnerable aspect -- people. Barrett added: "As protection measures for companies and individuals become ever more impregnable, social engineering is bound to become more popular among cyber criminals."
And if the hackers do not get you, a virus might.
Last year one in 350 e-mails sent contained a virus, while the notorious "Code Red" alone cost businesses worldwide about $2.6 billion, according to the Confederation of British Industry (CBI).
Luckily most Web surfers are aware of viruses, the CBI said. But a new, more deadly virus is on the horizon, according to ISS, a UK Internet security firm.
"Hybrid viruses like 'Nimda' and 'Code Red' are especially dangerous because they combine viral spreading capabilities with hack attack techniques," the company said.
Clever hackers can secretly install a back-door "Trojan horse," a small program designed to spy on people's keyboard movements and record the information typed.
"Trojans are different from viruses because they can lurk in PCs without anyone noticing and can spy on the computer user's activities then send this information back anywhere in the world," says technical specialist Graham Cluley at UK-based Sophos anti-virus.
Cybercriminals are targeting desktop computers connected to the Web and the growing array of pocket PCs and hand-held devices. As mobile phones get smarter and carry large amounts of personal data, they too become easy meat for malicious coders.
"People forget that the mobile phone is a small computer with memory, important data and an access to the Internet. These devices should be protected equally carefully, if not more, than network computers," says Juha Snellman, vice-president of Finnish wireless security specialist SmartTrust.
Many people in the UK are already suffering from text message spam, or SMS junk mail from rogue mobile firms. The first mobile virus was found more than a year ago. Called "Timofonica," it did not start an epidemic, but Snellman warns: "Wireless security threats grow as the functionality of the handsets increases.
"Hackers are always one step ahead and we must stay vigilant to keep up with them."
Does your password let you down?
April 8, 2002
FBI: Cybercrime rising
April 8, 2002
Experts: Chat rooms a haven for hackers
April 10, 2002
Are wireless viruses looming?
February 24, 2002
IT pros learn to beat hackers at their own game
March 15, 2002
Check Point Software Technologies
PentaSafe Security Technologies
Confederation of British Industry
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
TECHNOLOGY TOP STORIES:
Report: SUVs pose danger to cars
New telemarketer tool trumps TeleZapper
Terra Lycos logs $2.2B loss
AOL to offer song downloads
Microsoft seeks fiscal fountain of youth
|Back to the top|