The term computer crime should be familiar to anyone who owns a computer, and especially to anyone who accesses the internet. Typically one assumes the term refers to crimes against computers, but that does not cover the full extent of what computer crime means.
For an excellent treatment of the subject, visit http://www.sans.org/rr/incident/combat.php for a September 2001 column by Jason Upchurch. His description of computer crime: Computer crime and computer related crimes are growing areas of concern for both law enforcement and businesses alike. However, while there is no specified universal definition for these types of incidents, they can be grouped into two categories. Computer crime is the type of criminal activity that can only be perpetrated through the use of a computer. These include:
- Computer intrusions
- Denial of Service attacks
- Damage to data from persons within
- Damage to data from persons outside
Computer related crimes are crimes in which a computer is used as a tool to complete any crime. For example, records can be manipulated on a computer to facilitate crimes such as embezzlement, or kept on the suspect's machine to record financial information of criminal activities.
Computer intrusions of the type we are most concerned about are, in general, external attacks on a computer or network. The methods vary widely, but ultimately the goal is to access your computer and gain control of its functioning. The purpose may be to steal account information (credit card, bank, etc.), to use your system to send spam, or to use your system as part of a Distributed Denial of Service (DDOS) attack. (See the Gibson Research website at http://grc.com/dos/grcdos.htm for their report on DDOS attacks directed at their website.)
By placing a Trojan program on your computer, intruders run programs in the background that use your computer resources and your internet connection for their purposes, without your knowledge or approval. In a DDOS attack, many hundreds or even thousands of computers are caused to ping a victim site. Although the individual computers have a relatively small impact, combined into a constant stream of requests/pings, the cumulative impact is overwhelming to the targeted site. Because the attack comes from a multitude of sources (including YOUR computer!), it is difficult to defend against, and nearly impossible to track the source.
The Trojan program is often delivered as a virus attached to an email program or file. The payload will run, install itself, and subsequently notify the perpetrator that it is available every time you log on to the internet. The best defense is for YOU the user to protect YOUR system from being hijacked and used to attack or abuse other computers.
One of the best ways to do that is to maintain an effective virus protection program and keep the virus library files up to date. That will eliminate the majority of viruses and virus-delivered Trojan programs.
Another means of gaining access to sensitive information is social engineering: persuading victims to give up usernames, passwords, and other sensitive personal information. This may be accomplished by gaining your confidence over a period of weeks or even months. As mentioned in an earlier article, this includes information that is later used to steal your identity. Identity theft is one of the fastest growing and most widespread crimes committed on the internet.
Excellent information on identity theft is available at the following websites:
http://www.consumer.gov/idtheft
http://www.privacyrights.org/identity.htm
http://www.idtheftcenter.org
http://norfolk.fbi.gov/1999/ident.htm
While this is wandering a bit from the topic of network security, it is worth recognizing that failure to take basic precautions may lead to any of a wide range of problems, from personal to professional to communal. It is not an issue that should be treated lightly.
To summarize our series of articles: the elements of an overall security plan need to be weighed carefully. Almost every precaution leads to some small but measurable reduction in the ease of use of the resource, or in the functions or capabilities available to you. You must decide the correct balance of risk versus security versus functionality. The elements to evaluate are the need for a firewall (hardware or software based), configuration management of hardware and software, and physical and electronic protection (backups, virus detection, physical access, passwords, etc.). Every situation will be unique, yet every situation has common elements.
Take charge of your computing resources. Identify the security elements that make the most sense for you. Then act on the information. DO SOMETHING. Don't let it slide until AFTER you have had a problem. Simply put the most basic security elements in place and we will all be better off.