[ISN] Back Orifice in Business Week

From: mea culpa (jerichoat_private)
Date: Tue Aug 18 1998 - 21:09:05 PDT


    Forwarded From: Synthe Omicron <syntheat_private>
    
    # For ISN, taken from _BusinessWeek_, August 24-31, 1998, p. 34
    # Transcribed by Synthe Omicron. 
    
    The Internet
    ============
    
    NOW ANY HACK CAN BE A HACKER
    
    A bit of free software is giving computer-security experts fits
    ---------------------------------------------------------------
    
    Just when computer users are recovering from scare stories about security
    holes in E-mail programs -- and suppliers are finishing fixes to plug them
    -- here comes an even more worrisome problem. On Aug. 3, a hacker group
    known as the Cult of the Dead Cow began distributing Back Orifice, a
    program that can wreak havoc on PCs running Windows 95 and 98. Once
    installed, the software makes it possible for an outsider to see what's on
    the screen, read keystrokes (passwords, or credit-card numbers, for
    example), and install or delete programs. So far, the group claims 50,000
    copies of the free program have been downloaded from its Web site. "This
    is a breathtaking tool," says Susan B. Levy Haskell, a computer security
    manager at the University of Minnesota. "It's going to nail Corporate
    America to the wall." 
    
    Worse, it's a breakthrough in easy-to-use hackware. Computer-security
    experts say that the software is as simple to use as any Windows program
    and turns the novice into an instant -- and potentially dangerous --
    hacker. That raises concern that insider attacks, which already account
    for some 70% of computer crimes, could become far more likely. "You've
    just made a lot more people capable," says Patrick Taylor, director of
    marketing for Atlanta-based Internet Security Systems Inc. 
    
    "SUBSTANTIAL DAMAGE."
    
    What's behind this nefarious development? The Cult of the Dead Cow says
    that it released Back Orifice to raise awareness about security problems
    with Microsoft Corp. programs. "Back Orifice will force Microsoft to sit
    up and take notice," says Deth Veggie, a member of the group who says his
    real first name is Luke. 
    
    Microsoft is taking the program seriously. The software giant has 300
    employees trying to secure all its software products and is working with
    security companies to devise ways to detect the Back Orifice software. As
    Edmund Muth, Microsoft's product manager for security, concedes: "This is
    the kind of software that could produce very substantial damage to
    someone's computer if it were installed." 
    
    And installing the software isn't so difficult. Computer security experts
    say the program -- which is remarkably tiny -- can be hidden within an
    attachment to an E-mail message. Once the unsuspecting recipient clicks on
    that file, Back Orifice installs itself and can begin transmitting
    information back to the sender. 
    
    Various security holes -- including the recently discovered problems with
    E-mail programs from Netscape Communications, Microsoft, and Eudora -- can
    also be used to sneak the software onto a machine.  Experts say that
    software patches released to fix bugs in the E-mail programs, for example,
    will prevent hackers from exploiting the programs' flaws to install Back
    Orifice. But, they warn, many companies are slow to incorporate software
    fixes, while others ignore updates altogether. "How you get this installed
    is actually quite easy," says Drew Williams, manager of the InfoSecurity
    SWAT team for Axent Technologies Inc. 
    
    Computer-security companies are developing antidotes. The program can be
    detected by scanning computers for a communications line that may be open
    and sending data. Regardless, experts warn that it's dangerous to open
    E-mail from people you don't know. "If I don't know what it is, I don't
    open it," says Charles C. Palmer, manager of IBM's network security group.
    For now, that may be the best safeguard. 
    
    By Ira Sager in New York
    
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:01:34 PDT