ASSOCIATES (vol. 10, no. 3, March 2004) - associates.ucr.edu

by

Kent Slade
Logan Library
Logan, Utah
kslade@loganutah.org

I want your money. I have too much time on my hands and I hate Microsoft. If I send out enough e-mails I should get a few responses. Without knowing it, you have probably dealt with individuals that think like this.

If you mess with someone else’s computer, is it a crime or just malicious behavior? From 2001 to 2002 there was a 90 percent increase in cyber-security incidents reported, costing an estimated $445 million. And it’s not a bunch of computer geeks investigating computer crimes, it's a bunch of FBI-computer geeks. CERT, the first computer security incident response team, takes incident reports. Sites such as SANS (a resource center for security professionals and system administrators www.sans.org) track cyber crime incidents. Crimes fall into three categories: unauthorized access (hacking), malicious codes (viruses), and denial of service.

Hacking - Unauthorized access into a computer or system can result in stolen information. This accounts for 74 percent of cyber-security issues. Disgruntled employees are the biggest threat with unauthorized access. Having a good security policy and vigilance and understanding of what is happening in the network is the best prevention for this type of intrusion.

Viruses – Malicious code inserted onto a computer to damage or disrupt the PC, attack company networks, deface Web sites and create denial-of-service attacks.

About 1,000 viruses are created every month. In most cases virus writers are computer-obsessed males between the ages of 14 to 34 years old. They have a chronic lack of girlfriends, are usually socially inadequate and drawn compulsively to writing self-replicating codes. To them, viruses are forms of digital graffiti.

Microsoft has an undeserved reputation as being the virus writer’s best friend because these criminals so often target its software. Microsoft is not necessarily more vulnerable than any other software; it’s just that their popularity makes them a prime target. Virus writers, along with looking for vulnerabilities in new software, commonly exploit known bugs in software.

Will a virus scanner prevent your computer from becoming infected? It depends on two things: How gullible you are and how thorough you are. Most virus scanners are designed to catch the worst viruses. But they do need constant updating. After all the biggest threats are the unknown. Most programs use heuristics to try to identify new dangers by looking for items that may act like or contain data similar to known malware (malicious programs or code). Tests of programs showed that the slowest programs tended to post the best results. Virus checkers can now be set to check for updates on a daily basis. But none of them can enforce an anti-virus update in real-time. To complicate matters, different operating systems, remote users, and laptop users make protecting computer resources much more daunting and time-consuming.

Unlike viruses, worms and Trojan horses are stand alone programs that don’t infect other files, so simply stopping them is not enough. Viruses infect the file, so deleting the effected files is the last resort. Disinfection—removing the virus code and repairing the original file—is preferable, but not every program can clean every file.

Viruses spread so quickly that it is difficult to find the source unless it is tracked very early in the life of the virus. The most common way to get infected is through Internet e-mail. Virus writers are becoming sneakier in how they propagate their creations while victims steadfastly refuse to learn from experience. Virus writers are using psychology. For example, one variant of a virus is advertised as a virus update, another headlines itself as notification of a withdrawal from the recipients bank account while another promises pictures of sexy girls and, one assumes, boys. Why do we keep opening these kinds of attachments? Surely it’s because we are dumb. And it only takes one person in one staff member to ignore instructions to update their software, allowing the virus to spread throughout the institution.

Small and medium-sized libraries are at an even greater risk. Most lack sophisticated capabilities to protect their computers from viruses. More important than reducing the cost and administration of client updates is ensuring that virus updates are enforced without delay.

Denial of Service Attacks - An overflow of information sent at a system in an attempt to crash the system or otherwise abuse it. This disrupts the free-flow of information. Sometimes these attacks are generated by programs placed on numerous other unprotected systems and aimed at one victim. Several years ago, this involved just a few hundred programs at most, but now hundreds of programs can be put to use for this purpose.

Spyware, on the other hand, is not a crime. Some think it should be. These are programs, such as cookies, that track your usage on the Internet. This might be to target marketing messages to you, might be hackers or scammers or just nosy bodies. Of course if you are a marketer, the use of cookies serves a valuable purpose in being able to build a database of consumers who use your product.

Virus scanners will not stop spyware. Antivirus companies are hesitant to label spyware as malicious. After all, the user agreed to the spyware by accepting the agreement. Most end-users do not read the license carefully, which typically specifies that targeted advertising or the gathering of market data is allowed.

You have probably seen the Nigerian scam letter. The sender, someone who describes themselves as someone in authority or someone you could trust, needs to get large amounts of money out of their country. If you help you can earn 10 to 20 percent of the money as a fee. All you need to do is to provide financial information so the money can be transferred to your bank account. Instead you find out your account is drained of all funds. This scam actually predates the Internet. Originally, paper letters were sent out by hand. Care went into finding just the right people who would fall for the scam. With spam broadcast mailings, that kind of research is no longer required. The dumbest get ripped off.

Another variation is from an individual executing the will of a passenger killed in an airplane crash. Nobody is claiming the money and would you be interested in helping out? Some other recent scams include notification that you may have won a lottery prize and must claim it ASAP. The wife of recently killed, indicted, or imprisoned husband writing for help is a recurring theme. These are all examples of how the classic scam letter has morphed over time.

So, how do you protect yourself in today’s online world? Never give out your last name, home address or phone number in chat rooms or on bulletin boards. Never give out your screen name , user ID, or password except to close family or friends. Never give any information about yourself to anyone or any Web site if you don’t feel comfortable.

If your home computer accesses the Internet through DSL or cable-modem, be sure to install a firewall, a program or hardware device that filters information coming through the Internet into your computer or network. It creates a barrier to keep hackers and offensive forces away. These filters use several techniques: Packet filtering, small clumps of data are analyzed through filters and then sorted and are either sent through or are discarded; proxy service is where information is retrieved from the Internet by the firewall, sent to the requesting system and vice versa; careful inspection compares key parts of data to a database of trusted information. It is then monitored for certain characteristics and then either allowed through or discarded.

Encryption is now seen as a pretty secure way of transporting e-mail. When you want to send an e-mail you type it in the way you want it, hit an encrypt option on the mailer software. It mixes and re-mixes each binary bit of the message. The message can only be unscrambled by the same exact software using the senders private code. The received then hits their decrypt button, types in the code, and a readable message is displayed. Encryption is one of the safest, most foolproof methods of keeping your e-mail private. Of course, there are hackers out there who will try and break the codes. Encryption software has been around for twenty years or so. It was not always as secure and tamper-proof as it is now.

Don’t open attachments from people you don’t know. Be careful on opening attachments from people you DO know. A recent conversation thread on the ALA Council mailing list indicated that several Councilors were leery of opening a survey sent to them—from a company taking a survey on the ALA Midwinter Conference.

Last of all be careful. Like we indicated above, don’t give out personal information, especially sensitive information like social security numbers, bank account numbers, or credit card information. Use the Internet and e-mail to your advantage. Don’t let it become an e-mail administered IQ test.

Sources:

Dvorak, John C.; The Great Nigerian Scam; PC Magazine, May 6, 2003, vol. 22, issue 8, p 61.

Fox, Steve; Devious Variations on an Old E-Mail Scam; PC World, Aug 2003, p 49.

Gordineer, John; Blended Threats: A New Era in Anti-Virus Protection; Access Control Systems and Methodologies, July/August 2003, p. 45.

Hilson, Gary; Security served up simple; Computing Canada, Mar 14, 2003, vol. 29, issue 5, p 22.

Jones, Phil; Dumb and Dumber: the Virus Writers and Their Victims; Computergram Weekly, Dec 4, 2001.

Pietromonaco, Peter; Cyber Security; Poptronics, Nov 2002, vol. 3, issue 11, p 10.

Schliesman, Kyle; Online crime continues to spread; Inside Tucson Business, May 12, 2003, p 2.

Spanbauer, Scott; Pest Zappers; PC World, July 2003, vol. 21, issue 7, p 109.

Looking into the mind of a virus writer; http://www.cnn.com/2003/TECH/internet/03/19/virus.writers.reut/index.html