ad info




CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet

 DISCUSSION:
 message boards
 chat
 feedback

 SITE GUIDES:
 help
 contents
 search

 FASTER ACCESS:
 europe
 japan

 WEB SERVICES:
COMPUTING

From...
Computerworld

Your PC may be tapped

September 23, 1999
Web posted at: 10:17 a.m. EDT (1417 GMT)

by Deborah Radcliff

(IDG) -- If you're finding user-installed cameras and/or microphones on Windows NT machines in your enterprise, be afraid. For the past four months, U.S. Army special agents have been showing their commanding officers how to turn microphones and cameras into remote spying devices.

"We run this in the lab here all the time. You can hear the guys talking [from another room], but they have no idea you're listening to them," said Jeff Hormann, special agent in charge of the Computer Crime Resident Agency, U.S. Army Criminal Investigation Command, Fort Belvoir, Va.
MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Computerworld's home page
  Is the Back Orifice door really shut?
  How to protect your online privacy
  Download security utilities from FileWorld
 Reviews & in-depth info at IDG.net
  IDG.net's personal news page
  Year 2000 World
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for IT leaders
  Search IDG.net in 12 languages
 News Radio
 * Computerworld Minute
 * Fusion audio primers
   

The attack is delivered to the victim as a Trojan horse -- a hostile applet carrying executable code -- via an e-mail attachment. Once the attachment is opened, the attacker, using ports 12345 and 12346 on the desktop, or via HTTP Web protocol and file transfer protocol connections, can load a remote administration tool and order the Trojan horse to turn on the video and/or audio of the targeted machine.

By exploiting remote administration tools such as NetBus and Back Orifice, both of which the Army has proved can be used, the attacker can hijack desktop camera and microphone applications and then direct image and voice transmissions to the attacker's PC.

Because user-installed cameras and microphones usually don't have indicator lights, the victim is completely unaware of any eavesdropping, according to Hormann and others. And no desktop image, except maybe a small tool bar icon, will appear on the victim's computer to indicate that the audio and video capture are on, he adds.

Worse, said Powell Hamilton, manager of technology risk services at PricewaterhouseCoopers in Los Angeles, attackers can use the same tactics to hijack an online meeting session conducted through systems like Microsoft Corp.'s NetMeeting and grab shared whiteboard information.

One comforting fact, Hamilton said, is that microphones and cameras have yet to proliferate across the enterprise because image, voice and videoconferencing technologies are still rough around the edges. And, he adds, fear of remote spying and information breaches will probably continue to stall widespread adoption.

There's a warning that bears repeating: Keep virus- and intrusion-detection tools up-to-date. Symantec Corp.'s Norton AntiVirus, for example, recognizes when NetBus 1.6 and 2.0 and Back Orifice and Back Orifice 2000 are running on a desktop.

But hackers now possess compiling tools to change the attack signatures, making it more difficult for packaged applications to catch these attacks. In addition, Hamilton said, nearly 40 percent of the client sites he has reviewed don't have virus protection, and 90 percent don't use intrusion detection software.

Given the voyeuristic ways of hackers and rising concern over electronically committed corporate espionage, now is a good time to take inventory of your organization's microphones and cameras. If users have deployed these devices, teach them to manually cap cameras and unplug microphones when not in use. And if your organization is moving toward adoption of voice and video technologies, pay for higher-end microphones and cameras with indicator lights.


RELATED STORIES:
Embassy site hackers aimed to show its vulnerability
September 8, 1999
New tool blocks wily e-comm hacker tricks
September 7, 1999
Hacker ruse can exploit ActiveX Controls
September 6, 1999

RELATED IDG.net STORIES:
Your personal info is for sale
(PC World Online)
Most corporate hacks are inside jobs
(PC World Online)
Is the Back Orifice door really shut?
(Computerworld)
Take Internet privacy into your own hands
(PC World Online)
Who -- and what -- is defending your privacy?
(PC World Online)
How to protect your online privacy
(PC World Online)
Download security utilities from FileWorld
(PC World Online)
Year 2000 World
(IDG.net)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

RELATED SITES:
Symantec Corp.
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.