[ISN] New hackers wreak havoc

From: InfoSec News (isnat_private)
Date: Wed Oct 17 2001 - 01:15:24 PDT

  • Next message: InfoSec News: "[ISN] Re: White House asks companies for help with new government computer network"

    John Yaukey
    Gannett News Service
    Oct. 16, 2001 
    When Maurice Paynter installed his new Internet security software, he
    got a sobering look at modern life online.
    "I realized I'm being attacked constantly," he said.
    The software, which records attempts by hackers to infiltrate the host
    computer, showed Paynter was being scanned for openings 30 to 40 times
    a day. Scarcely a day passes now that his software doesn't detect a
    According to watchers of malicious codes, hacking is becoming
    pandemic, a national pastime for computer enthusiasts tempted to test
    their skills against the establishment.
    Since 1998, the number of hacking attacks and virus releases has
    increased sevenfold. Viruses are being produced at a rate of a dozen
    or more per day, with some causing tens of millions of dollars in
    damages and lost productivity.
    To make matters worse, many hackers are employing more intentionally
    destructive tools and tactics, some so callous that even their fellow
    code crackers have denounced them as a different breed.
    Shortly after the Sept. 11 terrorist attacks, some hackers exploited
    the catastrophe to spread a virus using what appeared to be an e-mail
    pleading for peace. When the message was opened, the virus loaded onto
    the recipient's computer and damaged files.
    In what is perhaps the most disturbing trend, hackers are infiltrating
    well-known news sites, including Yahoo! and the Orange County
    Register, and rewriting stories. These "subversion of information"
    attacks raise a host of concerns in the wake of Sept. 11, when news
    sites were a major source of information.
    "There used to be a strong ethic among hackers - get in and look
    around, but do no harm," said William Knowles, a 32-year-old
    Chicago-based computer security analyst and a former "benign" hacker.
    "That's been lost on the younger masses."
    Experts say it's changing the Internet the way crime changes a
    People are now constantly on alert for suspicious e-mail and other
    applications that could potentially harbor malicious code. It has
    gotten so bad that several Internet service providers have been
    threatening to disconnect customers who don't use protective
    anti-virus software.
    Viruses get meaner
    The modern hacker has a selection of tools and strategies to choose
    from, including viruses and worms that typically spread over networks
    and clog computers, and attacks, which they can launch against Web
    sites to disable them or change their contents.
    Viruses and worms have typically been considered dangerous because
    once downloaded, say unwittingly from an e-mail attachment, they often
    destroy valuable files - and many still do that.
    But new strains are being designed to add extra sting.
    Consider the recent SirCam virus. It arrives in the form of a
    seemingly harmless e-mail attachment. If opened by the recipient, it
    sends itself to every name in the victim's address book. There's
    nothing special about that. But SirCam doesn't stop there. Before
    forwarding itself on, it raids your "My Documents" folder, where
    people often store their most sensitive material, and randomly selects
    a file that it sends out with the infected e-mail. Maybe it's a
    meaningless file; maybe it gets you fired or divorced.
    But before a virus can do damage it has to enter a computer or
    network, and hackers have taken infiltration methods to new levels as
    Most viruses and worms enter computers when infected e-mail is
    But the recent Nimda virus was a different animal altogether,
    infecting e-mail, network servers, which regulate digital traffic, Web
    sites and shared disk drives, where it automatically copied itself
    without the need for anyone to download it.
    Culture of hacking
    Hacking wasn't always this destructive.
    In fact, it started at MIT in the 1960s as a perfectly innocent
    pastime, aimed at tweaking higher performance out of some of the first
    mainframe computers to appear on college campuses.
    In the 1970s, college students known as "phone phreaks" turned their
    fascination with technology to hacking long-distance telephone
    networks for free calls. Apple computer founders Steve Jobs and Steve
    Wozniak were among hacking's early gurus.
    By the 1980s, as academic and defense research computer networks began
    rapidly expanding into what would become the Internet, the hobby had
    started turning dark. Phone phreaks turned to hacking these networks,
    exchanging passwords and techniques on some of the first electronic
    message boards.
    It wasn't until 1988 that hacking shook the establishment with the
    Morris worm.
    Created by Cornell graduate student Robert Morris Jr., the worm
    program spread through 6,000 academic and defense computers,
    paralyzing many.
    The spindly, bespectacled Morris typified the new computer nerd and
    showed the world what a few lines of renegade code could do. Morris
    told prosecutors he never intended to crash computers, but only to
    expose security flaws.
    Until recently, this has been the credo of the hacker: Expose
    weaknesses so software venders will fix them. But as the Internet
    exploded and a new generation raised on computers has taken to
    hacking, the hobby has degenerated into what old school hackers call
    "crass vandalism" perpetrated by "script kiddies."
    "This is point-and-click hacking," said a San Francisco-area "white
    hat" hacker who calls himself Pauly Morf. "It requires no skill or
    understanding of network vulnerabilities. I have no respect for it or
    this generation."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Wed Oct 17 2001 - 07:17:45 PDT