|
An old problem is getting new press since the arrest last week of a college
student who the Securities and Exchange Commission alleges took control of someone
else's computer, accessed that person's brokerage account, and caused an investment
loss of $40,000.
Remote control programs, such as the one used by this student, are easily available
on the Internet. Most are used for legitimate purposes, such as remote administration,
technical support, or monitoring employees' use of company computers. When used
maliciously they are commonly referred to as "Trojans" or "Backdoors."
While such programs have been around for years, the threat is increasing for
a few reasons. With more and more people getting online the pool of possible
victims has increased. As more people place orders, access banking accounts,
and trade stocks online the chance of gaining valuable information through such
an attack has also increased. The increase in always-on, high-speed Internet
connections, such as cable and DSL, has also made life easier on would-be hackers.
Perhaps the most troubling reason for the renewed alarm is the evolution of
this kind of software. Like other programs, new versions of these applications
increase their power and ease-of-use. This means that the modern "hacker"
has to have far less computer savvy than his predecessors. Because of extensive
documentation and advanced graphical interfaces, most students that have completed
junior high computer literacy class possess the prowess to operate such a program.
A Trojan is broken down into two components: the server, which the victim must
be tricked into running on their computer, and the client, which the hacker
uses to connect to the victim's (or host) computer. Once connected, there is
almost no end to the damage that can be done. The hacker can read, create or
delete files on the host computer or any computer it is connected to. They can
access webcams and even open and close the CD-ROM drive. They can also use their
access to install and run their own programs.
A common use for the latter ability is to install a "keylogger."
This is a program that saves every keystroke the unsuspecting victim makes to
a file on their hard drive. The hacker can then download this file and browse
through it at there leisure to recover such things as passwords, account numbers,
social security numbers, addresses, or any other information that you might
type into any form on an otherwise secure connection.
An up-to-date virus scanner will protect you from most, if not all, of these
programs. However, like the wooden horse from which they take their name, most
bypass your defenses by hiding their true nature. They can be imbedded in harmless
files, such as jokes or screen savers, which are then passed around via e-mail
or peer-to-peer file sharing networks such as Kazaa.
In some of the boldest cases Trojans are even sent directly by the hackers
via instant message programs like AIM or ICQ. In these instances the victim
will receive a message from a supposed struggling programming student, who often
claims to be on a tight deadline and needs someone to test a game they are working
on for a class project. Some even go as far as telling their victims that the
program still has some problems and may be detected as a virus, so they ask
that virus scanners be disabled before installing the game. The helpful victim
then gets sent a copy of the game, plus a little something extra - the Trojan.
Common sense is your best defense. It is best to avoid running any program
sent to you by someone you do not know. It is also wise to avoid e-mail attachments
with an executable extension (such as .exe, .com, .bat, .scr, .pif, or .vbs)
even if it is from someone you know, unless they have told you in advance they
are sending a program. When in doubt, just delete it. If it was legitimate they
can always send it again. If you choose to use file sharing programs like Grokster,
it is best to stick to downloading music and videos and stay away from program
files like those mentioned above.
If you have noticed strange behavior from your computer, especially after opening
a new program, you may have been infected by a virus or Trojan. Scan your system
immediately with an anti-virus software such as Trend Micro's PC-cillin or Symantec's
Norton Anti-Virus. Warning signs might include a slow down in your Internet
connection, error messages containing misspellings or typos, or loss of control
of your keyboard or mouse.
If you find that you have been infected your job is not finished even after
that program has been removed. Think of it like having you purse stolen and
take the same steps. You will need to change any passwords you may have used,
such as those for AOL, e-mail, secure websites, Ebay, or PayPal, just as you
would have locks re-keyed. If you bank or trade stocks online you will want
to notify these institutions to keep an eye on your accounts. You may need to
contact the credit bureaus and have them put out a fraud warning, especially
if you think your social security number may have been compromised. You may
even consider notifying your customers or family of this security breach if
you store any of their sensitive information on your computer.
To avoid problems in the first place consult with a qualified professional.
They can review your home or office security and make personalized recommendations
that will keep your computing safe and enjoyable.
About the Author:
Charles "C.R." Robinson is a Microsoft-certified IT professional who
owns and operates Smokejumper Solutions, THE choice for computer/network service
in Corpus Christi, Texas.
Visit http://www.smokejumpersolutions.com and sign up for The Bench, our monthly
newsletter that keeps you up-to-date on the latest computing trends, tips and
tricks.
This article may be published in print or electronically, as long as the below
resource box and byline are included and as long as it is not used on a paid-subscription
site or in publications for which you charge. You must make all links live if
you post this article online. |
