How Not to Become a Victim on the Internet

The Internet allows people to transmit and receive data from around the world with an ease never known before in human history. It is possible to transmit data from one place to another across thousands of mile in the blink of an eye. The technology that makes the Internet so accessible is a dual edged sword because the ease inherent in the system makes it vulnerable to compromise. Cyber criminals use the technologies that allow the free flow of information that the Internet provides to invade computer systems. This invasion is not limited to breeching government or corporate systems; anyone who has a system tied to the Internet is vulnerable. The costs associated with cyber crime are astronomical. This cost may be difficult to estimate because the crimes are far-reaching and often difficult to detect. For example, identity thief can cost single individual thousands of dollars. Even after the thief has been detected it can take years to correct the damage. In addition cyber invasion can breech security and compromise sensitive and confidential files, such as those of medical facilities, insurance companies and banks. Sensitive information from medical records or psychological difficulties can be used in detrimental ways. It has been argued that this personal information can be used to deny employment or insurance and in numerous other insidious purposes.

Hackers invade systems and corrupt, manipulate and plant data that can disrupt businesses and crash entire systems. They accomplish this by using techniques that are often difficult to detect or trace. For instance, a hacker may send out a probe that is designed to search for flaws in a computer or networks security. These holes in the system can be used to insert worms or viruses that attack the host systems. Not only can these malicious programs and files corrupt data, they can wrench control of the machine from the user and be used to further other thefts and mayhem by being hijacked and integrated into a networked controlled by a hacker.

Hackers commonly scan a computer to detect open ports, these ports are virtual doorways into a computer, and the software necessary to accomplish is readily available for the cyber criminal. Another reason that security is an ongoing rather than static process is because hackers are continuously refining their art. Hackers often network with each other as well, sharing techniques, software, and even newsgroups that help them keep abreast with security updates and measure to restrict access to networks. In addition it is relatively easy to find and download spyware from the Internet itself in the form of freeware While some hackers are only interested in poking around in other people’s computers, and perhaps in creating hoaxes and practical jokes, many others are interested in generating income at other people’s expense. Further software designed for intrusion has become so simple to use that someone with relatively little technological knowledge can still launch an attack over the Internet. Consequently keeping abreast of the best security measures to protect a system or network in an ongoing process that requires diligence, and perseverance.

Once the hacker has gained admittance into a system they are free to manipulate the data stored on that computer in any way they want. For example a hacker may use an attack called a denial of availability and denial of service. If a network in crippled by this attack, they will no longer have access to the data on their own system. In a company is reliant on the Internet to make reservations for instance, such an attack will make it impossible to provide services. Attacks by hackers may also result in corruption of important data. This is referred to as loss of integrity. This may wreak havoc because the data is no longer trustworthy, especially problematic for systems that provide services that require a high level of trust; such as systems used for air traffic control.

Phishing for victims.

Phishing, a common and rapidly growing problem involves using e-mail as a means of gaining access to personal or sensitive information. A common form of phishing involves sending a bogus e-mail that offers an unexpected windfall. For example, a common fraud is the Lottery scam. The scam is played out when an unsuspecting victim opens an e-mail that says the recipient has just won an international lottery. If the victim is fooled into believing that they won a contest they hadn’t entered, they are told to call a number, and as the story unfolds they are often tricked into giving the crooks sensitive bank information or credit card numbers. Further these false e-mails often have links that look legitimate that will in fact take the user to disguised imitation sites that can and often do contain unseen hazards such as spy ware or virus’ that will invade and damage their system, or allow the hackers into the pc. Companies are taking precautions to protect their employees from being victims of phishing using spy ware, Spam filters and by educating users how to avoid being duped.

Fake e-mails generated by phishing can be difficult because programs used to generate them are growing more sophisticated. There are often peculiarities that can be detected in the header such as a conflict of the domain name and the IEP address. However, it can be very difficult to detect whether the e-mail you received is from a legitimate site. Many experts recommend that you never click on to links in e-mail rather they suggest that you type the address of the page into the address bar yourself. On some schemes it may be easy to tell if an e-mail in legitimate by looking for obvious grammatical mistakes or typos. Unfortunately, crooks have gotten clever at disguising their e-mails to look authentic, however most legitimate businesses wont ask you for sensitive information by e-mail. For example it is unlikely that your bank will send an e-mail requesting your account number.

What are Trojans and viruses?

Trojans are files that are created to disguise themselves to appear as benign, when their purpose is to carry a virus or worm into a system where it can wreak havoc. Trojans will often appear to be harmless downloads. People often download from sites that they believe to be a legitimate site, files that they want to upload such as a jpeg. game, or selection of music. These phishing schemes are complex and often downloaded from sites that appear authentic. These files once loaded into the system unload their packages of viruses or worms. A virus is a file that replicates itself and initiates events be executing commands that take over a system. Generally a virus requires activation by some command unknowingly executed by the victim. A worm, also a self-replicating file, does not require that the user initiate an action. Sometimes viruses are only an inconvenience and other times they can be devastating to the host system. Certain viruses initiate programs that are annoying: such as one that causes your computer to burst into song, by playing a music file unexpectedly, but there is a rising trend of creating and distributing viruses that are destructive and sinister in nature. Another set of damaging applications that thusly invade a system is spy ware. Spy ware can plague your system by collecting information about you from your computer, and cause slow downs in your work by inserting popup and ads into your computer.

Has your Computer been hijacked?

Once a hacker has successfully integrated into a computer using Trojans, worms and viruses the computer is vulnerable to being hijacked. Further it may be extremely difficult to detect the invasion. Hackers often use sophisticated automated programs that are called bots that seek out and invade unprotected systems. They do this by detecting computers as they log on to the Internet; they search them out and repeatedly attack the system, looking for vulnerability. These bots are aggressive and they have no other purpose than finding vulnerable computers. Once vulnerability is detected, viruses, Trojans or worms are quickly inserted. These viruses allow the hacker to enter and take over the computer. Clever hackers can, using bots, take control of hundreds or thousands of P.Cs at a time a use their network of computers for insidious purposes. Pornography or other insidious files can be stored in this system. These hijacked networks can also be used to Phish for other victims, generating and transmitting fake e-mail at an exponential rate.

An accused hacker, Christopher Maxwell, reportedly caused over $150.000 Dollars in damage to Seattle’s Northwest Hospital using a phishing attack. His efforts disabled the intensive care unit as well as disabling communication between doctors and staff.

Using Trojans, hackers insert and store files. This is a popular tactic because using multiple computers, allows the hacker to avoid detection, he can freely move from one computer to the other and in the process avoid detection.

Security Measures

Security experts suggest that the fist line of defense for networks and individual computers are firewalls. Firewalls restrict access to the internal workings and files on your system. Firewalls use hardware and software to screen out unidentified or suspicious packets of information as they attempt to download into a system. Some PCs are not sold with a firewall activated and that makes the PC particularly vulnerable for attack and possible hijacking. It is recommended that firewalls be updated periodically. It is also important that users make sure that existing installed firewalls are activated before venturing out into the Internet.

Some Trojans, viruses and worms are created by using specific operating systems, they are designed to attack that system in particular therefore it is important to routinely upgrade detection systems and patches, which block portals, as these viruses and Trojans mutate. Msn currently offers free downloads for their systems such as Windows and XP. In addition to software, and antiviral programs, there are anti-spywear programs that can be installed to offer support and reduce the likelihood of being invaded. Other strategies to protect systems include; password protection for all accounts, using cryptology for transmission of text documents, keeping current on viruses and Trojans as they adapt. Keeping educated about the most current technologies to protect a system is imperative as hackers are constantly devising new traps. Security technologies can also detect unusual or unfamiliar programs sand files as they operate on your system. Early detection allows network administrator to install patches to block invading files. Or to use antiviral soft wear to rid or clean the system.

Passwords can protect data that is sensitive. Preventing access to accounts such as bank statements and tax records is extremely important as a means of avoiding identity theft and other intrusions. Passwords should not be overly simple as some hackers have technology that will generate passwords using random letters and numbers, and overly simple passwords may be deduced by the hacker from information already collected from his/her potential victim. Experts recommend that passwords contain both letters and numbers and periodically theses passwords should be changed.
Security specialist suggests that encryption programs be utilized for data transmission. Cryptology is used to scramble text and files by generating unintelligible representations of your data. Encrypting data makes it extremely difficult to read information, even if a hacker intercepts your files or transmissions.

Government involvement

Spam is any e-mail that is unsolicited. Though irritating, unless they are deliberately misleading, false or designed to defraud, they are not illegal. However, if they cross the line and become a scam there are international, national and state laws against Spam and other cyber crimes. In addition there are laws that prohibit the use of viruses, Trojans and worms and other hacking activity. There is not a single unifying set of laws that govern Internet crimes in the United States; there are state and federal laws that impose restriction on hackers. Many of these laws are imposed by implemented and enforced by numerous governmental jurisdictions. For example, it is illegal to transmit pornography or trade in it using the Internet. The laws governing the restriction of these practices may be administered by local states, or federal agencies such as US Customs. In addition, the FBI has leveled racketeering charges against computer hackers who invaded their system. Currently legislators are considering laws classifying hackers under anti-terrorism laws, this attempt is working under the PATRIOT act, if the hacker impedes or attempt to coerce a governmental entity further it would become a federal offence under this law to in any way to offer assistance to hackers. Legal experts are already debating the murky waters of this law, arguing that the law may be too liberally interpreted. Currently most hacker offences are similar in scope to trespassing and burglary in that penalties are similar to these crimes.

If a consumer or corporation wants to take legal action against Internet criminals, they should research the laws in the State they live or do business. If the state doesn’t currently have specific laws against cyber crime they can report illegal activity to The State Attorney’s office. The federal trade Commission, The FBI, Customs and other government entities has laws designed to protect the Internet. In addition the Federal Trade Commission has an online reporting form. Though there are legal ramifications for cyber crime, the criminal may be difficult to prosecute because of their uncanny ability to avoid detection. Hackers use many strategies such as hijacking, using false addresses, disguising their location and their ability to change locations rapidly that make prosecuting them difficult. In additions many hackers are located overseas compounding the problem. In view of these difficulties, the best strategy to foil cyber criminals may be in a good defense. Using up to date firewalls, anti-viral programs, encryption and due diligence can deter these criminals.