Computing magazines often define information assurance as “the technical and managerial measures designed to ensure the confidentiality, possession or control, integrity, authenticity, availability, and utility of information and information systems.” This information may be in storage, processing, or transit, and the threats to it can be accidental or intentional.
Protecting information resources is not easy. Network technology advances so quickly that IT experts are constantly challenged to keep up. The plethora of valuable information stored on computers and sent through the Web provides great potential for hackers and scammers to infiltrate computer security.
There are two main types of hackers. Some hackers use their computers to break into companies' or other people's computers to steal information, such as credit card numbers. This type of computer criminal uses increasingly sophisticated methods to obtain personal information. Other types of hackers are more interested in damaging the receivers' computers and do this by sending viruses through Web sites or e-mail.
INTERNET CRIME STATISTICS
Between 2005 and the beginning of 2008, the Privacy Rights Clearinghouse said that more than 215 million records of U.S. residents had been compromised because of a security breach. A study conducted by the Ponemon Institute showed that the total average costs for lost or exposed data was $197 for each compromised record. This represents an 8 percent increase in the two years since 2006, and a 43 percent increase since 2005.
Together, the FBI and the National White Collar Crime Center formed the Internet Crime Complaint Center. The Center has received reports of more than 200,000 Internet crimes. These crimes cost nearly $700 per complaint, or $200 million in 2006 and $240 million in 2007.
Some of these crimes are online fraud and phishing scams, which increased 57 percent from 2007 to 2008. In that year, more than 3.5 million Americans were victims of online identity theft and phishing schemes, costing $3.2 billion dollars. The United States hosts the world's greatest number of fraudulent sites, with more than 25 percent.
With the ever-constant advances in the ways that data is exchanged, companies are significantly changing how they deal with data protection and loss. Many companies are investing in security technology, employee education, and comprehensive protocol.
Hackers, too, are changing their methods. They have moved away from targeting individuals and instead are focusing more on targeting entire databases where they can find huge amounts of personal identifying information. This has prompted organizations to focus on database security and invest in technologies that monitor the information and minimize the amount of data leaving their secure networks. According to experts, this may be a problem for large enterprises, which often have numerous databases that are unknown to most security personnel.
The biggest threat to a secure company, however, is human error. Some of the largest security breaches are accidental and actually come from within the company. As companies deal with more and more data, employees leak information by sending work documents to personal e-mail addresses, or accessing e-mail from a personal computer. Insider job shifts are another threat to security. Additionally, contractors, outsourcing and offshoring pose potential security threats.
While companies are increasing the amount of security in their systems, the immense amount of business conducted over the Internet makes stealing information attractive for computer criminals. They employ a number of different methods including spyware, phishing, pharming, viruses, firewalls, and spam. These terms are household words among computer users, especially those who use the Internet.
Spyware is a term used to describe a program that is put on a computer without the user's permission, and usually without the user's knowledge. A spyware program runs in the background and keeps track of the programs the user runs and the Web sites the user visits. Some spyware tracks the user's keystrokes and extracts passwords and other information as they type. It then uses the information gathered to display certain advertisements or forces
the user's browser to display certain Web sites or search results. Most spyware is written for the Windows operating system.
Spyware can be installed on a computer in any of the following ways:
- Piggybacked software installation: Some software applications, and especially free software downloads, install spyware as part of the program installation.
- Drive-by download: Some Web sites automatically try to download and install spyware on the user's machine. Users may get a pop-up warning, but not if the security setting is too low.
- Browser add-ons: This type of spyware adds enhancements, such as a toolbar, an animated pal, or additional search boxes, to the user's Web browser. Some enhancements, also known as browser hijackers, embed themselves deep in the user's computer, making it very hard to remove them.
- Masquerading as anti-spyware: Some spyware advertises that it can remove spyware, when, in reality, they are actually installing additional spyware.
Not only does spyware infringe upon users' privacy, but it can also slow down computers. Many spyware programs use up most of the computer's random access memory (RAM) and processor power, preventing other applications from using these resources. In addition, many spyware programs generate popup advertisements that slow down the user's Web browser, reset the user's homepage to display advertisements every time she opens the Web browser, and redirect the user's Web searches. Some of the more malicious spyware programs modify the user's firewall settings, increasing the opportunities for more spyware and viruses to enter the user's computer.
Phishing is a term used to describe e-mail scams that attempt to trick consumers into disclosing personal and/or financial information. The e-mail messages appear to be from legitimate sources, such as banks, credit card issuers, or well-known Internet sites (such as America Online, Paypal, and eBay). The content of the messages varies, but often they tell the consumer that he needs to update personal information or that there is a problem with the consumer's account. The messages usually contain links to fake Web sites. When the user clicks the link, they are taken to Web sites that look official, and may even include images from the legitimate Web sites. These fake Web sites often instruct the unsuspecting user to enter credit card numbers, social security numbers, bank personal identification numbers (PINs), and other valuable information. Once the user enters that information, the violators use it or sell it. This leads to what is known as identity theft. The scammers use this information to assume the identity of the victims to make purchases in that person's name.
For example, some of these e-mails come for the IRS. The IRS, by the end of 2007, had been forwarded nearly 35,000 such scam e-mails, which have revealed to the agency more than 1,500 different schemes. In the last six months of 2007, there was a 5 percent increase in the number of phishing messages sent across the Internet, or a total of 207,547. That means that every day, more than 1,100 phishing messages are sent.
Nearly 94 percent of all attacks recorded in August 2007 were against financial services providers. This high number is typical. However, Google is now the target of another kind of phishing. Google customers are tricked into providing their AdWords account login details. By getting their AdWords, the traffic that would go to the site of the person creating the search words are now going to the perpetrator's site. Bigmouthmedia reported a 240 percent monthly average increase in this type of phishing e-mail in 2007.
In 2008, a group of senators, led by Olympia Snowe, introduced the Anti-Phishing Consumer Protection Act of 2008. The bill prohibits tricking recipients into providing their personal information in response to e-mails, instant messages, and misleading Web sites. The bill would also ban related abuses, such as the practice of using fraudulent or misleading domain names.
Spam is a term used to describe unsolicited e-mail messages that usually contain an advertisement for some product or service, such as mortgage loans, pornography, or prescription drugs. Spammers send the messages to e-mail addresses on wide-scale mailing lists, which could mean that each message is sent to thousands of people. Spam has become such an annoying problem for so many people that software programmers have developed spam filters to block or delete some e-mail messages before they reach the recipient's e-mail account. Most ISPs offer some level of spam filtering to their customers. However, even with these filters, hundreds of spam messages get through.
Spam messages, according to a May 2008 statistic, account for more than 80 percent of e-mail. Spam often delivers vehicle malware and viruses. Anti-spam e-mail appliances block millions of pieces of spam every day, making these appliances a key defense in IT security. According to the Test Center, e-mail appliances catch more than 96 percent of spam.
Where do spammers get e-mail addresses? Hundreds of companies compile lists of e-mail addresses and put them on CDs, which they sell to anyone who is willing to
pay for them. Each CD can contain millions of e-mail addresses. These companies use programs to pull out screen names and e-mail addresses from newsgroups and chat rooms or the Internet itself. Some spammers use spambots, which are programs that go through the Web and look for the @ symbol and pull the e-mail addresses associated with each one. Another method spammers use to obtain e-mail addresses is to create Web sites specifically designed to attract Web surfers. These Web sites may ask you to enter your e-mail address to see what the site has to offer (for example, large amounts of money).
And finally, perhaps the most common method spammers use to get e-mail addresses is to conduct a dictionary search of the mail servers and large ISPs. Dictionary searches use a program that establishes a connection with the target mail server and then submits millions of random e-mail addresses. Often they will vary these e-mail addresses very slightly (such as by adding a number somewhere in the address). The program then collects the e-mail addresses for which the message actually goes through.
There are hundreds of companies around the world that have formed specifically to cater to spammers. They offer services for sending bulk e-mail. Some of the larger companies can send billions of messages a day. Many of these companies are set up outside the United States to avoid U.S. laws. Some claim to be “spam free.” This means that the e-mail addresses they use are taken from the list of users who requested to receive bulk e-mail, or “opt-in” e-mail. A user's e-mail address can be placed on an opt-in list when ordering something online. Many online stores include a checkbox near the bottom of the order page that asks the user to clear the checkbox if they do not want to receive e-mail offers from their partners. If a user does not see that or misinterprets the checkbox, they may be placed on an opt-in list.
As mentioned above, there are many different spam filtering software programs on the market. These filters check e-mail as it arrives in the user's electronic mailbox. The user can set up the filter to check for specific words or specific e-mail addresses or specific types of attachments. If the filter detects any of these, it will either delete the message or place it in a separate folder. Unfortunately, spammers often find ways around these filters. Another problem with filters is that they sometimes filter out legitimate messages.
In 1998, Spamhaus.org was formed to track and stop spammers around the world. Australian-based Spamhaus (http://www.spamhaus.org) calls itself “an international non-profit organization whose mission is to track the Internet's Spam Gangs.” Spamhaus.org also says it seeks to provide “dependable realtime anti-spam protection,” works with law enforcement agencies to “identify and pursue spammers worldwide,” and lobbies for “effective anti-spam legislation.”
Spamhaus continues to fight spam. The group publishes the Register of Known Spam Operations (ROKSO), which lists the Internet Protocol (IP) addresses of the 200 worst spam gangs worldwide. ISPs can use this list to avoid signing up known spammers, and law enforcement agencies can use the list to help target and prosecute spam gangs. Spamhaus also publishes four spam-blocking databases—the Spamhaus Block List (SBL), the Exploits Block List (XBL), the policy block list (PBL) and the ZEN, a new all-in-one DBSBL (DBS Blacklist). As of July 2008, the various Spamhaus products were busy protecting 1.43 billion user mailboxes.
Computer viruses are programs that spread from one computer to another, causing problems on each computer they touch. As viruses propagate, they use up so much memory that it can slow down computer systems to the point that they are unusable. Some viruses actually attack files on the computer by deleting them or modifying them in some way that renders the computer unusable.
The extent of damage caused by a virus varies. Some affect a relatively small number of computers. Others have been so devastating that they can even cripple large companies. For example, in March 1999, when the Melissa virus hit, it was so destructive that it forced Microsoft and other large companies to completely shut down their e-mail systems until the virus could be contained.
There are four general types of computer viruses:
- Viruses. These are small programs that attach themselves to other programs. When a user runs the legitimate program, the virus program runs, too. Once on a computer, some viruses find other vulnerable programs and attach to them as well, causing even more damage. The virus spreads to other computers when the unknowing user shares or passes on an infected program via CD, for example.
- E-mail viruses. These are viruses that are transmitted via e-mail. When users open an e-mail message or an e-mail attachment containing a virus, they release it onto their computers. Some e-mail viruses replicate themselves by e-mailing themselves to people listed in a victim's e-mail address book.
- Worms. These are small programs that usually take advantage of networks and spread to all computers on the network. Worms scan networks for computers with security holes in programs or operating systems, replicate themselves on those computers, and then start all over from there. Because worms usually spread through networks, they can affect multiple
computers in a very short amount of time. The Slammer worm, released in January 2003, spread more rapidly than any other virus before it. Within 15 minutes, it had shut down cell phone and Internet service for millions of people around the world.
- Trojan horses. These are computer programs that claim to be one thing but are actually viruses that damage the computer when the user runs them. Trojan horses cannot replicate automatically.
Because viruses have the potential to wreak havoc on computer networks and individual computers, many virus-protection products have been developed to prevent this. Most virus-protection software scans the computer when it is first turned on and looks for known viruses. As new viruses are discovered, virus protection providers have to update their virus definitions.
A firewall is basically a barrier that prevents damaging files or programs from reaching the user's computer. Many operating systems now include a built-in firewall. There are also many after-market firewall products available for purchase. Firewalls filter the data that comes through an Internet connection. If the firewall detects any suspicious information, it does not allow that information through. Most companies and many individuals who have Internet access use firewalls to protect their computers and networks. Although some firewalls protect against computer viruses, many experts recommend that companies and individuals invest in a separate anti-virus software package.
Firewalls control the flow of network traffic using one or more of the following methods:
- Packet filtering: The term “packet” is used to describe a small group of data. With the packet filtering method, a firewall compares the packets of incoming and outgoing data against a set of specific rules. If the packets meet the acceptable criteria, the firewall lets the data through. Any data that does not make it through the firewall is discarded.
- Proxy service: Proxy servers are used to access Web pages by other computers. When a computer requests a Web page, the proxy server retrieves the information and then sends it to the user's computer. With a proxy server, the computer hosting the Web site does not come into direct contact with the user's computer.
- Stateful inspection: This newer method compares only certain key parts of the packet to a database of trusted information. The firewall compares outgoing data against specific criteria and then compares incoming data against the same criteria. If the two comparisons match, the firewall lets the information through.
Several criteria that firewalls use to compare incoming and outgoing data are listed below:
- Internet Protocol (IP) addresses: Each computer on the Internet has a unique IP address, which consists of a 32-bit number. If a firewall detects too many files being read by a certain IP address outside of the company, it may block all traffic to and from that IP address.
- Domain names: Each server on the Internet has its own domain name, which is the Web site address most people recognize (as opposed to the IP address). If a company knows that certain domain names are not “safe,” they will set up the firewall to block access to that domain name. On the other hand, the company may set up the firewall to allow access to only certain domain names.
- Protocols: Protocol is a term used to describe the way a program communicates with a Web browser. Some of the more common protocols include IP (Internet Protocol), which is the main delivery system for information over the Internet; TCP (Transmission Control Protocol), which breaks apart and rebuilds information from the Internet; HTTP (Hyper Text Transfer Protocol), which is used for Web pages; FTP (File Transfer Protocol), which is used to download and upload files; and many more. A company may set up a firewall that allows only one or two machines to handle certain protocol and prohibits that protocol on all other machines.
- Specific words or phrases: Companies can set up firewalls to search for specific words or phrases. If the firewall encounters packets containing any of those words, it will not allow the packet through.
The year 2007 marked an active year for online criminal activity. At least part of the reason for the increase is that many companies are now required by state laws to notify affected individuals (such as customers, employees, citizens, students and alumni) when their confidential or personal information is lost, stolen, or otherwise compromised. Experts expect that all fifty states will require such notification by 2010.
Other new trends are emerging concerning stolen data, such as where data is stolen. Hackers have begun to target second tier businesses, rather than financial networks and large companies. At the same time, the
explosive growth of social networking sites, which are often used on workplace PCs, also account for much data loss.
Moving forward, business must invest more in security risk assessment and management. This means that companies will need to create key jobs for security personnel. Companies will also need to develop a system that prioritizes the most sensitive information. This will help determine what data potential attackers are most likely going to target. This might include intellectual property, and other information that could affect the value of corporate stock.
Companies are implementing standardized security risk management plans. ISP/IEC 27001:2005 is a standard specification for an Information Security Management System (ISMS). With it, companies have a roadmap to monitor and control their security. ISP/IEC 27001:2005 covers eight elements to ensure that business risk is minimized. The standard is also intended to highlight corporate, customer and legal requirements that companies are required to meet. The elements of the spec include:
- Security policy: This element ensures that business objectives and management direction are in sync, enabling the maintenance of an information security policy across the organization.
- Organizing information security: This ensures that information security is properly governed.
- Information asset management: In this phase, companies are charged with making sure that information assets are properly inventoried and classified.
- Communications and operations management: This phase ensures that technical security controls in systems and networks are properly managed.
- Access control: Access controls govern the access rights to networks, systems, applications, functions, and data.
- Information systems acquisition, development, and maintenance: This phase ensures that security is built into applications, including user-developed applications to ensure correct processing.
- Information security incident management: Here, a plan is developed for anticipating and responding to information security breaches.
- Policy adherence: Companies follow this directive to ensure conformance with information security policies and standards.
The ISO/IEC 27001:2005 is providing business and organizations with the plan to combat information security breaches, Still, both enterprises and individual users must become better informed about the dangers that exist, and take precautions. As governments and law enforcement agencies around the world are learning more about these crimes and how to deal with them, they are taking action to prosecute the perpetrators.
SEE ALSO Computer Networks; Technology Management
“Anti-Phishing Consortium Releases New Report.” Credit Union Times 19 Dec 2007. Available from: http://www.cutimes.com/article.php?article=35578.
Black, Jane. “Before Spam Brings the Web to Its Knees.” BusinessWeek Online 10 June 2003. Available from: http://www.businessweek.com/technology/content/jun2003/tc20030610_1670_tc104.htm.
Boutin, Paul. “Slammed! An Inside View of the Worm that Crashed the Internet in 15 Minutes.” Wired Magazine July 2003.
Coustan, Dave. “How Spyware Works.” HowStuffWorks.com 16 Feb 2005. Available from: http://www.computer.howstuffworks.com/spyware.htm.
“Google Phishing: The Fastest-Growing Con on the Internet.” bigmouthmedia.com 23 May 2008. Available from: http://www.bigmouthmedia.com/live/articles/google-phishing-thefastestgrowing-con-on-the-in.asp/4763/.
Gross, Grant. “U.S. Senator Introduces Phishing Penalties Bill.” IDG News Service 4 March 2005. Available from: http://www.infoworld.com/article/05/03/04/HNphishingbill_1.html.
Hoffman, Stefanie. “Data Loss Prevention Trends To Watch In 2008.” Channel Web 02 Jan 2008. Available from: http://www.crn.com/security/205207370?pgno=3.
Jaikumar, Vijayan. “Fight Against Phishing Moves to a New Level: Consortium Brings Together Companies, Law Enforcement to Target e-Mail Scams.” Computerworld 13 December 2004, 10.
“PC Mag Encyclopedia.” pcmag.com Available from: http://www.pcmag.com/encyclopedia_term/0,2542,t=information+assuranceamp;ldquo;Phishing Fraud.” Available from: http://www.securities-fraud.org/phishing-attacks.htm.
Kaneshige, Tom. “Spam Wars Anti-spam Vendors Can't Thwart the Spam Boom. Is it Time for an E-mail Tax?” InfoWorld 16 Apr 2008. Available from: http://www.infoworld.com/article/08/04/16/front-street-spam_1.html.
“Phishing Scams, Frivolous Arguments Top the 2008” Dirty Dozen “Tax Scams.” Internal Revenue Service 13 Mar 2008. Available from: http://www.irs.gov/newsroom/article/0,,id=180075,00.html.
“Protect Internet Consumers from Fraud and Theft.” The Hill's Congress Blog 29 Feb 2008. Available from: http://www.blog.thehill.com/2008/02/29/protect-internet-consumers-from-fraud-and-theft-sen-olympia-snowe/.
Tyson, Jeff. “How Firewalls Work.” HowStuffWorks.com 24 Oct 2000. Available from: http://www.computer.howstuffworks.com/firewall.htm.
“Win32.Ntldrbot (aka Rustock.C) No Longer a Myth, No Longer a Threat. New Dr. Web Scanner Detects and Cures
Computer security encompasses a wide range of technological issues. Computer security professionals work to combat hacking, which includes illegally accessing, manipulating, or destroying private information contained in computer networks. Computer security efforts typically involve the use of a combination of passwords, data encryption applications, virus detectors, and firewalls (hardware or software products that filter all information passed between a private intranet and other intranets or the Internet). Along with preventing hacking, computer security systems also offer detection programs, which allow network managers to determine if a security breach has happened and pinpoint the effects of the breach.
HISTORY OF COMPUTER SECURITY PROBLEMS
The issue of computer security first arose in the 1970s as individuals began to break into telephone systems. As technology advanced, computer systems became targets as well. The Federal Bureau of Investigation (FBI) made one of its first arrests related to computer hacking in the early 1980s. A group of hackers known as the 414s, named after their area code in Milwaukee, Wisconsin, were indicted for attacking 60 different computer systems including the Los Alamos National Laboratory and the Memorial Sloan-Kettering Cancer Center. Computer security breaches like these became increasingly commonplace throughout the 1980s, prompting the passage of the Computer Fraud and Abuse Act. The new legislation allowed more stringent punishments to be levied against individuals caught illegally abusing computer systems. Later in the decade, a 25-year-old hacker named Kevin Mitnick began tapping into the e-mail system used by computer security managers at both Digital Equipment Corp. and MCI Communications Corp. As a result, Mitnick was arrested and sentenced to one year in jail. Although a multitude of other hackers were brought to justice, many continued to operate, including one who successfully pilfered $70 million from the First National Bank of Chicago. Eventually, the Computer Emergency Response Team was established by the U.S. government to research the increasing number of computer security breaches.
Along with growth in hacking activity came the spread of computer viruses. Three of the most well known viruses—Cascade, Friday the 13th, and Stoned—all originated in 1987. When computer companies like IBM Corp. and Symantec Corp. began researching ways to detect and remove viruses from computers, as well as ways to prevent infection in the first place, virus writers began developing more elusive viruses. By 1991, more than 1,000 viruses had been discovered by computer security experts.
Computer security gaps were exposed at many major corporations and governmental bodies—including AT&T Corp., Griffith Air Force Base, NASA, and the Korean Atomic Research Institute—during the early 1990s. For example, an attack on AT&T's network caused the firm's long-distance service to temporarily shut down. During 1995, computers at the U.S. Department of Defense were attacked roughly 250,000 times. A study conducted by the Computer Security Institute that year determined that one in every five Web sites had been hacked. Also that year, Mitnick was arrested for computer fraud and once again sentenced to serve jail time. His offense that time included stealing software, product plans, and data from Motorola Inc., Sun Microsystems Inc., NEC Corp., and Novell Inc., costing the firms a combined total of nearly $80 million. Later in the 1990s, the Web sites of several federal agencies, including the U.S. Department of Justice, the U.S. Air Force, NASA, and the CIA, were defaced by hackers. In addition, the U.S. Bureau of Labor Statistics received a deluge of bogus requests for information. In 1998, the U.S. Department of Justice created the National Infrastructure Protection Center, charging it with task of safeguarding domestic technology, telecommunications, and transportation systems from hackers.
As the amount of commerce handled via the Internet grew, so did the number of malicious attacks. Hacking in 2000 increased 79 percent over 1999 figures, according to a report released by the FBI's Computer Emergency Response Team (CERT). Even leading Web sites such as Yahoo!, America Online, eBay, and Amazon.com were exposed as vulnerable, costing the firms millions of dollars and undermining the already tenuous confidence online shoppers had in the security levels of these sites. Eventually, one of the key perpetrators in many of these attacks, a 16-year-old Canadian boy operating under the name Mafiaboy, was arrested, and authorities discovered he also had broken into the computer networks at Harvard and Yale Universities. While on parole, Mafia-boy was prohibited from using the Internet or shopping at stores that sold computers; only when supervised by a teacher at school, could he use a computer.
TYPES OF COMPUTER SECURITY PROBLEMS
As the need for high levels of computer security became increasingly apparent to business owners, many began to earmark additional dollars for security technology and for staff to oversee security measures. By then, the most popular form of attack was the denial of service (DOS), which simply overloads a network system until it crashes. For example, a DOS attack on online auction giant eBay in February 2000, which involved sending the site a barrage of fake requests for Web pages, caused eBay's system to crash. Similarly, CERT's Web site was shut down for two days after a myriad of fake information requests overloaded its system. A DOS known as a worm began gaining significant media attention in 2001. In July of that year, the worm entitled Code Red began attacking Microsoft Internet Information Server systems. Code Red infected servers running Windows NT 4, Windows 2000, Windows XP, and IIS 4.0, and it replaced Web site content with the phrase "Welcome to www.worm.com Hacked by Chinese!" The damage caused by the Code Red worm was estimated at $1.2 billion. As Alex Salkever stated in a May 2001 BusinessWeek Online article, these types of attacks are commonplace. "According to a study released last week by scientists at the University of California-San Diego's supercomputing facility, more than 4,000 DOS attacks happen each week. The most sophisticated and serious last for days as dozens, hundreds, even thousands, of hijacked 'zombie' computers pour forth an unceasing barrage of Web-page requests, all unbeknownst to the machines' owners."
Mail bombs behave in the same manner. However, they target a network's mail server with the goal of shutting down e-mail service by overloading the system. Hackers targeting networks may also attempt to gain access to secure areas containing sensitive data, such as credit card numbers or social security numbers. A security breach of this type can cause serious damage to a business or institution since data files can be not only copied, but also deleted. AOL became victim to this type of attack in the late 1990s when teenagers from Wichita, Kansas, successfully hacked AOL's network and used the credit card numbers they found there to purchase video games.
Other types of attacks on computers include viruses and Trojan horses. A virus is a program designed to affix itself to something within a computer, such as a file or boot sector, and begin reproducing itself. A file virus, like the Friday the 13th virus that originated in the late 1980s, attaches itself to an executable file—one that controls applications—and begins overwriting parts of the file. Roughly two-thirds of all virus attacks involve boot sector viruses, which are harder to detect than file viruses because they make no discernible impact on a system until they actually attack. Boot sector viruses are quite often designed to overwrite an entire hard drive. A virus also might be designed to use all of a computer's resources and prompt it to crash. Two of the most popular transmission methods for viruses are floppy disks and e-mail. For example, the "I LOVE YOU" and the "Love Bug" viruses that appeared in May of 2000 were circulated via e-mail. The resulting damage to individuals, companies, and institutions was judged to be nearly $10 billion. Like viruses, logic bombs attack computer files and hard drives. Quite often, hackers use a Trojan horse to gain initial access to computers. Trojan horses are disguised as harmless programs, but once executed might release a virus or even a worm.
COMPUTER SECURITY PROGRAMS
The first major computer security program was developed late in the 1970s, when three Massachusetts Institute of Technology (MIT) graduates created RSA encryption technology. The data-scrambling program eventually was used in leading computer platforms such as Microsoft Windows, and well-known software applications like Quicken and Lotus Notes. Computer security primarily remained a governmental concern throughout the 1970s and 1980s. The rise of corporate networks, along with the growth of e-commerce, prompted more widespread concern about computer security in the 1990s.
Companies using computers began linking them together via networks in the 1980s, and many of those networks were then linked to the Internet in the 1990s. Companies with many geographically dispersed offices were able to use the Internet to link networks. Similarly, those with employees on the road could grant off-site workers access to the intranet. In fact, according to PC Week writer Jamie Lewis, one of the Internet's most important benefits to businesses was its ability to "simplify the often expensive and complex tasks of giving remote users access to corporate networks and of linking remote sites." The fact that one of the largest problems hindering that task was security encouraged the development of virtual private network (VPN) technology, which combined "tunneling, authentication, and encryption technologies to create private sessions over the public Internet."
Another major boon of the Internet revolution, the rise of e-commerce, also brought with it major security headaches. To make a purchase online, shoppers were normally required to input their credit card numbers. Eventually, even tax returns became something consumers could transmit via the Internet. To protect this sensitive data, companies began seeking sophisticated security systems. Most online merchants began using data encryption programs, such as Secure Sockets Layer (SSL), Secure Electronic Transactions (SET), and Data Encryption Standard (DES) to protect personal information transmitted over the Web.
The most popular method of computer protection among home computer users is anti-virus software. Companies including Symantec Corp. and Network Associates offer anti-virus applications that scan every file on a disk or on a computer's hard drive for infected material, alerting users if corrupted files are found. To keep pace with a the continual development of new viruses, many computer security software firms allow users to periodically download from their Web sites software upgrades which recognize newer viruses. Firewalls, once mainly used for computer networks, also have become popular with home users, particularly those who use cable modems and digital subscriber lines for uninterrupted online connections.
Other software options—mainly used to protect larger computer systems—include Intrusion Detection Systems (IDS), content filtering software, sand-boxing software, and behavior analysis software. IDS is considered one of the best protection methods for large networks. With an IDS in place, system administrators can monitor network requests and detect large-scale malicious attacks. Content filtering software is advanced anti-virus software that reads compressed files and allows IT managers to set specific filtering parameters to block threatening e-mail. Sandboxing software protects against malicious codes by creating an isolated space within a computer where suspicious code can run, before it has a chance to interact with the main operating system. Still in its infancy in 2001, behavior analysis software protects computer systems by monitoring entire networks and checking every command of all operations.
Because many malicious hackers eye security systems not as a deterrent but as a mere obstacle to overcome, the numbers of computer security breaches may continue to rise. However, as long as hacking attacks persist, both individuals and businesses will continue to invest in programs and software designed to protect systems from unwanted intruders. In fact, while many computer industry experts believe that avoiding all hacking activity is nearly impossible, Datamonitor predicts that spending related to computer security will grow from $10.6 billion in 2001 to $22.3 billion in 2004.
Blakey, Elizabeth. "Commit a Cybercrime? You're Hired!" E-Commerce Times. July 17, 2000. Available from www.ecommercetimes.com.
Costello, Sam. "'Code Red' Raises Disclosure Flags." InfoWorld. July 20, 2001.
Enos, Lori. "'Mafiaboy' Denies New Hacking Charges." E-Commerce Times. August 4, 2000. Available from www.ecommercetimes.com.
Lewis, Jamie. "VPNs: Fulfilling the Internet's Promise." PC Week. June 1, 1998.
Mandeville, David. "Hackers, Crackers, and Trojan Horses." CNN In-Depth Reports. March 29, 1999. Available from www.cnn.com/TECH/specials.
McCartney, Laton. "A Safety Net." Industry Week. April 21, 1997.
Morgan, Lisa. "Intrusion Detection Systems." InternetWeek. January 8, 2001. Available from www.internetweek.com.
Phillips, Ken. "Security Begins at Home." PC Week. August 5, 1996.
Salkever, Alex. "Patches Don't Make a Security Blanket." BusinessWeek Online. August 7, 2001. Available from www.businessweek.com.
——. "Scared of 'Zombies'? You Should Be." BusinessWeek Online. May 30, 2001. Available from www.businessweek.com.
Tinnirello, Paul C. "Internet Security: Are We Scared Yet?" PC Week. November 4, 1996.
Vamosi, Robert. "Alternative Protection Against Malicious Code." ZDNet., May 21, 2001. Available from www.zdnet.com.
SEE ALSO: Computer Crime; Cryptography, Public and Private Key; Data Encryption Standard (DES); Encryption; Hacking; Secure Electronic Transaction (SET); Viruses; Worms