It's Monday morning. You walk into your office and switch on your computer. The computer makes its familiar humming sound as software icons appear one by one on the screen. You begin thumbing through the morning mail when something strange happens. The CD-ROM disc drawer on your computer slides open then closes by itself, almost as if by remote control. The drawer opens a second time and then begins to open and close rapidly in succession. You dig in your desk for the computer instruction manual and simultaneously wonder if it's too early in the morning to dial the CAC help-line. Suddenly music blasts from the speakers and your monitor flashes colors in a bizarre strobe-light display. You haven't touched the keys of your computer. You feel somehow you're in the twilight zone or perhaps that your computer is, well, um, haunted.
In a sense it is. What you're experiencing is a popular form of computer security attack, known as a trojan horse. In this case, it's a type of trojan horse that enables an intruder to control another person's computer remotely. Trojan horse programs go by a variety of names (NetBus and BO2K are two common examples) and they're frequently passed by e-mail attachment from one computer to another or contracted by downloading and using a file. Like its cousin the computer virus, the trojan horse can cause a wide range of computer problems from inconsequential mischief to serious system damage.
As the information highway grows and the manipulation of electronic data becomes more complex, Penn State administrators, like those of other universities, are examining what can be done to raise awareness of information security issues and ensure the protection of personnel and students. Information security hazards like the one described above can take many forms, but according to network security experts, e-mail (electronic mail) is a particularly vulnerable area for many people in higher education today. "E-mail is an easy target because it has become an indispensable communication tool at universities," said Kathy Kimball, director of Computer and Network Security at Penn State. "Students use it to stay in touch with instructors, parents, and friends. Staff and faculty increasingly rely on it to communicate with one another and maintain contacts with colleagues at other institutions."
Yet despite the rewards, a corresponding host of electronic pests continues to expand. Viruses and worms (programs that travel from computer to computer, infecting and sometimes damaging each one they contact) now occur more frequently than ever due to electronic transmission. From 1997 to 1998, the rate of infection rose by 48 percent and is still climbing. There are tens of thousands of viruses, three or four new ones appearing each day (CNET 1999).
Kimball explains that the Chernobyl Virus (CIH) and Happy99, rather than the well-publicized Melissa, have thus far been the high-focus viruses at Penn State. "Malicious programs, like CIH, are known to modify or delete computer files, sometimes immediately before a mid-term or final period," she adds.
And there are other e-mail pests. E-mail bombs, for instance, overload electronic mail software with hundreds, sometimes thousands of messages making it impossible for the recipient to access or send mail. Censorbots (from the word robot) can indiscriminately erase newsgroup messages and delete postings targeted by hackers. "There are also e-mail schemes such as pyramids or chain letters that may seem harmless," says Kimball, "but if you receive an electronic letter of this type, don't do anything the sender suggests. At best, forwarding the e-mail may prove annoying to recipients; but at worst, you may be helping to perpetrate a fraud."
Finally, electronic name forgery, which happens when a perpetrator uses someone's user ID to send out information in his or her name, can have personally damaging results. (For example, a student from a Big Ten university woke up in the morning recently to find that someone sent out hundreds of verbally abusive e-mails in her name.)
The issue is perplexing. How do Internet users continue to enjoy the benefits of electronic communication and simultaneously feel their interactions are protected? According to Kimball, there are many methods available to address technology security concerns, but they are under-utilized, often, because of a lack of public awareness. "Computer users need to be aware of the concerns and use common sense," she stated. "Don't share passwords even with the best of friends and never share extremely sensitive or personal information. Tools such as virus detectors, power-on passwords (code which keeps others from booting up your computer without a password) and file encryption (code which makes your files unreadable to others) can also provide a great deal of protection for individual users."
In addition, information regarding tools as well as abundant security tips can be found on the World Wide Web. Links to Security Organizations such as the Center for Education and Research in Information Assurance and Security (CERIAS), http://www.cerias.purdue.edu, the Forum of Incident Response and Security Teams (FIRST), http://www.first.org, and Security Focus, http://www.securityfocus.com, provide updates on subjects like viruses, encryption (document coding), firewalls (electronic gate keepers for your computer), large-scale network security services, and much more.
"A decade ago, cybercrime and cyberterrorism didn't really exist outside of Hollywood movies. Today, they are very real threats." -Attorney General Janet Reno.
In the last decade, the World Wide Web has transformed universities into globally-linked, interactive communities. Faculty share information across continents on a daily basis. Instructors post syllabi and course tips at Web sites for students to access 24 hours a day. Study group members interact with one another electronically via bulletins and chat rooms; and Web-based distance education enables students to study courses such as Penn State's Turfgrass 230 from places as far away as Australia and the Middle East.
Unfortunately, this digital interchange is under siege, according to network security officials. Deborah Hurley, director of the Harvard Information Infrastructure Project, http://www.ksg.harvard.edu/iip (a Harvard University research program involved in defining national and international Internet policy) notes that, while there's a lot of good news with regard to information and communications technologies, intrinsic security is generally growing worse. "There are more computers, more networks, more data and information, and, most significantly, more fallible human beings connected to and using the system," said Hurley. "We rely on the goodwill of many people, around the world, not to use their technological knowledge in deleterious ways. At the same time we are more dependent than ever on the continued functioning of critical information systems."
Although scholars may find it increasingly convenient to scroll through electronic journals and periodicals for their research needs today, security experts caution that they should be on the lookout for some carefully hidden dangers. "While still rare, it is becoming increasingly possible to acquire hostile code while surfing the Web," commented Kimball, "so it's important to be aware of the preventative measures that can be taken before starting on these ventures."
There are many things you can do to protect your computer while it's on-line, according to Kimball, but it's also essential to be aware of the potential dangers. In recent years, several concerns have emerged:
Cookies
- usually not hostile in nature, cookies are small amounts of information that can be downloaded to your computer when you enter a Web site. When you return to the site the cookie tells advertisers statistics about your browsing habits (the number of times you've visited their site, the pages that you've viewed, and how often you return to specific pages). In this case, the danger is a privacy concern, since, in the wrong hands, personal information obtained with the cookie could potentially be used harmfully.
Malicious Code
- code such as viruses, trojan horses, worms, and hostile applets resides at a small handful of sites on the Web with a singular purpose: infecting computers. In some cases, computers can be contaminated simply by the user clicking on a specific link at a site. In others, the attack is launched when a file or application is downloaded. Either form of attack can have unpleasant results. While some Web-based attacks are harmless pranks, others can potentially launch destructive programs.
If you're designing or maintaining a Web site, as many faculty members and departments are doing nowadays, there are other concerns...
Hackers
- public Web sites are hacked almost on a daily basis today by individuals with a wide assortment of motives. Many hackers are network "joy riders," looking for computers that are vulnerable to the types of attacks that can be freely downloaded from the Internet. These intrusions can be embarrassing, if the hacker exposes the fact that data that is supposed to be secure and protected (such as social security numbers, names, and addresses) is actually accessible.
Crackers
- crackers deliberately attempt to destroy or deface Web sites, computer systems, and other computer-related facilities, usually for personal or political reasons. Recent attacks on the FBI, White House and New York Times Web sites are all examples of the defacement of public Web sites by crackers. In some instances, pornography or embarrassing rhetoric is uploaded or files are erased; in others the graphics are altered to change the appearance of Web pages. In a well-known case, for example, the welcome message on the U.S. Air Force home page was replaced with crimson eyes, dripping blood, and sexually explicit imagery.
SYN attacks
- a SYN attack creates a major traffic jam at a Web site by overloading it with connection requests. The attack makes it impossible for legitimate surfers to access the site until the problem is corrected.
OK, sounds scary, but what can we do?
Fortunately, there are many ways to protect yourself from the concerns outlined above, according to Kimball. Software is available to help individuals determine what information their browser reveals about them on-line, and a variety of "cookie busters" can be installed by Internet users to enable their computers to accept or reject cookies. In addition, "anti-virus software is essential for all computer owners," said Gerry Santoro, Lead Research Programmer at the Center for Academic Computing, "it's the first line of defense against malicious code. After you install anti-virus software, be sure to update it often, so that the newest viruses are covered and always back up all of your computer files," Santoro adds. "Check that the software monitors all areas - hard drives, floppy disks, network drives, and CD-ROMs - and is set up so that it will interrupt you with a warning when you open up an infected file."
Other useful tips
If you're designing a Web site, Kimball suggests it's really not wise to post personal information about yourself, especially phone numbers, social security numbers, addresses and passwords. And, if you're collecting this information for administrative reasons, be sure you're using a secure, well-administered server with encryption (coding) capabilities. Web sites can also be protected from hack attempts in a number of ways. A "refreshing" system can be installed which will automatically copy over the Web directory on a regular basis. The refresher will replace the site with its original content quickly after an unauthorized alteration occurs. In addition, a "staging" server is a useful tool for Web masters who need to make frequent changes to their homepages. Modifications can be made by authorized staff to the staging server and the "live" server (which holds the actual Web site) will then be updated by the staging server through a single secure channel.
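The "refreshing" system described above, sketched as an added example (not code from this article or from Penn State). The `digest_tree` and `refresh` helpers and the `master`/`live` directory names are hypothetical, and the sample site is constructed for the demonstration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def digest_tree(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def refresh(master: Path, live: Path) -> dict:
    """Restore `live` to match the trusted `master`; return what had drifted."""
    want, have = digest_tree(master), digest_tree(live)
    report = {
        "altered": sorted(f for f in want if f in have and have[f] != want[f]),
        "missing": sorted(f for f in want if f not in have),
        "unexpected": sorted(f for f in have if f not in want),
    }
    for rel in report["altered"] + report["missing"]:
        target = live / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(master / rel, target)  # put the original content back
    for rel in report["unexpected"]:
        (live / rel).unlink()  # remove files that were never published
    return report


def demo() -> dict:
    """Constructed sample: a two-page site is altered, then refreshed."""
    with tempfile.TemporaryDirectory() as tmp:
        master, live = Path(tmp, "master"), Path(tmp, "live")
        (master / "dept").mkdir(parents=True)
        (master / "index.html").write_text("<h1>Welcome</h1>")
        (master / "dept" / "staff.html").write_text("<p>Staff list</p>")
        shutil.copytree(master, live)
        # Simulated unauthorized alteration of the live copy
        (live / "index.html").write_text("<h1>defaced</h1>")
        (live / "dept" / "staff.html").unlink()
        (live / "extra.html").write_text("planted page")
        report = refresh(master, live)
        report["clean_after"] = digest_tree(live) == digest_tree(master)
        return report


if __name__ == "__main__":
    print(demo())
```

Run the refresher on a schedule from an account the Web server itself cannot write to, and keep each report: the refresh overwrites the altered files, so the report is the only record of what was changed.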
If you experience what you believe to be a computer security incident, please notify the University Computer, Network, and Information Security Office at 863-9533 (24 hour help line at 863-HELP), or send e-mail to security@psu.edu. If you have questions or concerns about computer viruses, contact the Center for Academic Computing (CAC) Help Desk at 863-1035 or 863-2494.