|
Thursday, June 16, 2005
Ng: Network security
By Wilson Ng
Wired Desktop
HACKER HUNTERS. It is really a hot topic nowadays. Two months ago, I was in a Microsoft conference. Priority number one—security.
Last week, I was in a Cisco conference. Opportunity number one—security.
The other week, Businessweek’s cover story was on the “hacker hunters.” It highlighted that things like viruses, spyware and the like are not only nuisances, they are also a big global business.
Total damage last year through cybercrime hit $17.5 billion, or 30 percent higher than in 2003, according to Computer Economics Inc.
The number of Internet fraud complaints monitored by the Internet Crime Complaint Center (a joint venture of the National White Collar Crime Center and the FBI) reached 207,449 in the year 2004, up from
only 48,252 in 2002.
The article highlighted the hunt for a cybercrime syndicate called ShadowCrew. The size of the syndicate—over 4,000 members all over the world.
So far, the Secret Service has discovered that the group has over 1.7 million credit card numbers, access data to more than 18 million e-mail accounts, and fake identity cards made for thousands of people, from driver’s licenses to British passports. Yes, it is big business.
The important thing to be aware of is that today’s malware (malicious software) authors are a different breed from those of five or 10 years ago. They are really bent on using their skills for financial gain.
One of the biggest devilish trickeries occurred in January 2004 when a
virus called MyDoom appeared purportedly to do a denial of service attack on the website of the SCO Group.
The SCO company was embroiled in a copyright battle with Linux, and security experts said the virus writer was probably a Linux fan seeking revenge.
In fact, in some websites, many even volunteered to be “infected” so that they could help attack the SCO site.
They were wrong. It was a Trojan horse. While it did attack the website, it also contained a key-logging program to record a user’s keyboard strokes. There was a backdoor program that could steal passwords and credit card information by monitoring keystrokes and mailing them out.
CYBERTRICKS. Here is a simplified guide to some “cybertricks”:
1. Phising. Normally, this refers to email sent to people purportedly from legitimate outfits (like banks or telephone companies), asking people for passwords or asking them to link to a website to verify or give some personal data. The website of course, is spurious, but designed to look legitimate.
Rhymes with fishing, which is actually what it is—fishing for information.
2. Pharming. This is a virus similar to MyDoom, which is normally a keyboard logger planted in the computer so that it can monitor keystrokes. The intent is to steal confidential information, particularly passwords to financial websites. Rhymes
with farming, which is the accumulation or collection of information.
3. Wi-Phising. This is when a fake wireless network is set up for consumers to log into the Internet. They use the network to steal passwords and other information.
You should be wary about using wi-fi hotspots that are not properly identified or hotspots made to look legitimate but are not.
For instance, if your wi-fi SSID is HotWire, some enterprising people may set up an almost similar Wifi spot like HotWise, which may lure the unsuspecting to log into their network instead of the correct one.
4. TypoSquatting. Hackers set up a website that looks like the real
one, but is not. When people type the wrong word (for instance, gooogle, instead of google), they may end up with computers that are infected with viruses.
5. BOT Networks. Which computers are the least guarded? Not the ones that belong to big corporations, but many of those small or individual computers.
The hacker can infect your computer and use it to attack the big computers.
Many unprotected computers are used as staging points for launching spam or network attacks.
BOT networks allow an unsuspecting person to be part of an international terrorist computer network without the user being aware of it.
Hackers are dreaming of new scams every day. Always remember, caution is essential when surfing the Internet.
(www.bizdrivenlife.net)
(June 16, 2005 issue)
Write letter to the editor.Click here.
Join the Sun.Star message board.Click here.
|
|
[return to top]
[home]
[network page]
|
LOCAL NEWS
BUSINESS
OPINION
SPORTS
LIFESTYLE
FEATURE
SUPERBALITA
WEEKEND
|
