Return-Path: <sentto-279987-3005-1003249276-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 16 Oct 2001 09:22:09 -0700 (PDT) Received: (qmail 5760 invoked by uid 510); 16 Oct 2001 16:20:57 -0000 Received: from n31.groups.yahoo.com (216.115.96.81) by 204.181.12.215 with SMTP; 16 Oct 2001 16:20:57 -0000 X-eGroups-Return: sentto-279987-3005-1003249276-fc=all.net@returns.onelist.com Received: from [10.1.4.54] by n31.groups.yahoo.com with NNFMP; 16 Oct 2001 16:21:16 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 16 Oct 2001 16:21:16 -0000 Received: (qmail 23064 invoked from network); 16 Oct 2001 16:21:14 -0000 Received: from unknown (10.1.10.142) by l8.egroups.com with QMQP; 16 Oct 2001 16:21:14 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 16 Oct 2001 16:21:14 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id JAA20488 for iwar@onelist.com; Tue, 16 Oct 2001 09:21:13 -0700 Message-Id: <200110161621.JAA20488@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 16 Oct 2001 09:21:13 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:New.hackers.wreak.havoc] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit New hackers wreak havoc John Yaukey, Gannett News Service, 10/16/2001 <a href="http://www.azcentral.com/news/articles/breaking/1016hacker16.html">http://www.azcentral.com/news/articles/breaking/1016hacker16.html> When Maurice Paynter installed his new Internet security software, he got a sobering look at modern life online. "I realized I'm being attacked constantly," he said. The software, which records attempts by hackers to infiltrate the host computer, showed Paynter was being scanned for openings 30 to 40 times a day. Scarcely a day passes now that his software doesn't detect a virus. According to watchers of malicious codes, hacking is becoming pandemic, a national pastime for computer enthusiasts tempted to test their skills against the establishment. Since 1998, the number of hacking attacks and virus releases has increased sevenfold. Viruses are being produced at a rate of a dozen or more per day, with some causing tens of millions of dollars in damages and lost productivity. To make matters worse, many hackers are employing more intentionally destructive tools and tactics, some so callous that even their fellow code crackers have denounced them as a different breed. Shortly after the Sept. 11 terrorist attacks, some hackers exploited the catastrophe to spread a virus using what appeared to be an e-mail pleading for peace. When the message was opened, the virus loaded onto the recipient's computer and damaged files. In what is perhaps the most disturbing trend, hackers are infiltrating well-known news sites, including Yahoo! and the Orange County Register, and rewriting stories. These "subversion of information" attacks raise a host of concerns in the wake of Sept. 11, when news sites were a major source of information. "There used to be a strong ethic among hackers - get in and look around, but do no harm," said William Knowles, a 32-year-old Chicago-based computer security analyst and a former "benign" hacker. "That's been lost on the younger masses." Experts say it's changing the Internet the way crime changes a neighborhood. People are now constantly on alert for suspicious e-mail and other applications that could potentially harbor malicious code. It has gotten so bad that several Internet service providers have been threatening to disconnect customers who don't use protective anti-virus software. Viruses get meaner The modern hacker has a selection of tools and strategies to choose from, including viruses and worms that typically spread over networks and clog computers, and attacks, which they can launch against Web sites to disable them or change their contents. Viruses and worms have typically been considered dangerous because once downloaded, say unwittingly from an e-mail attachment, they often destroy valuable files - and many still do that. But new strains are being designed to add extra sting. Consider the recent SirCam virus. It arrives in the form of a seemingly harmless e-mail attachment. If opened by the recipient, it sends itself to every name in the victim's address book. There's nothing special about that. But SirCam doesn't stop there. Before forwarding itself on, it raids your "My Documents" folder, where people often store their most sensitive material, and randomly selects a file that it sends out with the infected e-mail. Maybe it's a meaningless file; maybe it gets you fired or divorced. But before a virus can do damage it has to enter a computer or network, and hackers have taken infiltration methods to new levels as well. Most viruses and worms enter computers when infected e-mail is downloaded. But the recent Nimda virus was a different animal altogether, infecting e-mail, network servers, which regulate digital traffic, Web sites and shared disk drives, where it automatically copied itself without the need for anyone to download it. Culture of hacking Hacking wasn't always this destructive. In fact, it started at MIT in the 1960s as a perfectly innocent pastime, aimed at tweaking higher performance out of some of the first mainframe computers to appear on college campuses. In the 1970s, college students known as "phone phreaks" turned their fascination with technology to hacking long-distance telephone networks for free calls. Apple computer founders Steve Jobs and Steve Wozniak were among hacking's early gurus. By the 1980s, as academic and defense research computer networks began rapidly expanding into what would become the Internet, the hobby had started turning dark. Phone phreaks turned to hacking these networks, exchanging passwords and techniques on some of the first electronic message boards. It wasn't until 1988 that hacking shook the establishment with the Morris worm. Created by Cornell graduate student Robert Morris Jr., the worm program spread through 6,000 academic and defense computers, paralyzing many. The spindly, bespectacled Morris typified the new computer nerd and showed the world what a few lines of renegade code could do. Morris told prosecutors he never intended to crash computers, but only to expose security flaws. Until recently, this has been the credo of the hacker: Expose weaknesses so software venders will fix them. But as the Internet exploded and a new generation raised on computers has taken to hacking, the hobby has degenerated into what old school hackers call "crass vandalism" perpetrated by "script kiddies." "This is point-and-click hacking," said a San Francisco-area "white hat" hacker who calls himself Pauly Morf. "It requires no skill or understanding of network vulnerabilities. I have no respect for it or this generation." ------------------------ Yahoo! Groups Sponsor ---------------------~--> Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:55 PST