Phishing, pharming and hacking: Cyber criminals more sophisticated
Spamalot is not just the name of a Monty Python Broadway production. It’s an Internet threat that continues to grow.
The volume of spam has increased 100 percent in the past year, and spam has become more dangerous, with URL-based viruses increasing 256 percent, Steve Powell, president of Delta Systems Group, said. What once was machine versus machine is now an emotional appeal to humans, with threats such as phishing, spam and malicious software, or malware.
Steve Powell, owner, Delta Systems Group
“They’re getting pretty crafty,” Powell said, as he pointed to an e-mail purported to be from a local bank, complete with the logo. But he spotted an extra “o” in the bank’s name in the URL. Powell advises Internet users to read the fine print and question what they’re receiving. Ask why someone would want information about accounts and passwords.
“Be more diligent when reading e-mails from strangers, and be smarter in what sites you’re clicking on and giving information to,” Powell said. He compared it to passing personal information to a stranger on the street.
In addition to phishing, pharming – a spoof of legitimate Web sites – is becoming more prevalent.
SonicWALL security expert Kevin Schmutzler cited an example: You’re typing in the URL for Bank of America, only you drop the letter “K.” You’ll be driven to a site that’s not legitimate, although it appears to be. To protect consumers from such phishing and pharming attacks, most financial institutions or online shopping sites have safeguards in place, such as dual authentication. Dual authentication can be anything from a second password or a special icon that you must see prior to accessing the site, he explained.
“If a site you are trying to access doesn’t have this kind of dual authentication, then a good way to protect yourself is to make sure the URL is correct. That doesn’t guarantee it 100 percent, but should safeguard you against most current pharming or phishing threats,” Schmutzler said.
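The URL check Schmutzler describes can be automated for links arriving in e-mail. The Python below is an added example, not code from the article or from any company it names; the trusted-domain list, the `check_url` helper and the distance threshold are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist for illustration (assumption, not from the article).
TRUSTED = ("bankofamerica.com", "examplebank.com")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: inserts, deletes and substitutions each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def check_url(url: str, max_distance: int = 2):
    """Return (verdict, matched_domain) for the host a browser would contact."""
    # urlsplit().hostname drops any "user@" prefix, so a link such as
    # http://bankofamerica.com@other-host/ is judged by the real host.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ("invalid", None)
    for good in TRUSTED:
        if host == good or host.endswith("." + good):
            return ("trusted", good)
    # Compare the last two labels (a simplification: no public-suffix list).
    base = ".".join(host.split(".")[-2:])
    for good in TRUSTED:
        # A dropped or extra letter leaves the name within a small edit distance.
        if edit_distance(base, good) <= max_distance:
            return ("lookalike", good)
        # Trusted name embedded as a subdomain of someone else's domain.
        if good in host:
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample links.
    for link in ("https://www.bankofamerica.com/login",
                 "http://banofamerica.com/",
                 "http://exampleboank.com/"):
        print(link, check_url(link))
```

A "lookalike" verdict is a reason to quarantine or warn, while "unknown" only means the host is not on the list.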
The key word in computer security is proactive. According to David Nivens, an owner of Midwest CompuTech, companies once responded to Internet threats or holes in a reactive manner. New security programs are more intuitive, can assess potential threats and can proactively react to them. He used the term “heuristic analysis,” defined as a method to search for commonalities in computer threats. Antivirus programs and other security devices, such as firewalls, search for these threats, not yet identified as a virus or hacking program, analyze them and target the threat.
Companies are becoming more aware and taking steps to prevent and contain viruses, spyware and other security threats, Nivens said. He mentioned a school district that let its antivirus program expire. Within a few days, the system was attacked and had to be completely shut down for several days while the virus was quarantined and eliminated by physically removing it from each machine and server.
Hacking is more prevalent, especially among small to medium businesses, Nivens said. “A lot of small businesses have many things on their plates to pay for. Security for their network systems is often toward the bottom of the list.”
He said the kind of firewall purchased at a department store is similar to posting a screen door into Fort Knox with a “Do Not Enter” sign. Programs search for open servers and can harm businesses. One way is to use the server space to relay spam and slow down the server. Another is to get in and hold the company’s data hostage.
Nivens said most hackers are from other countries, meaning there’s no jurisdiction to prosecute their activity. It’s not like someone physically breaks into your office in Columbia and then you call the local police, he explained.
People often think: “It won’t happen to me,” Nivens said. The Internet is still foreign to many users. It’s like they think their business is safe if it’s in a good neighborhood, he noted. Most people need to realize that “the Internet can be one big bad neighborhood. There are people whose whole day is spent to wreak havoc,” he said.
Internet security is an education issue and people need to understand breaks in the system can happen in unexpected and unlikely places, Nivens said. He cited a recent case in Eastern Europe in which a group of hackers put together a full-scale cyber-attack using a “botnet.”
A botnet utilizes PCs and servers from around the world and, in this case, flooded the country of Estonia with Internet traffic. It brought the entire country’s network of Internet-reliant machines to a halt, including access to online newspapers, ATMs, banks and other services that rely on the Internet for connectivity. Nivens said the hackers could have used any personal computers, including the PC on your desk or in your home in Columbia. You wouldn’t even have known it was happening.
The economy behind hacking is greater than the illegal drug trade, security expert Schmutzler said, citing statistics from the Treasury Department of Technical Assistance.
“Hacking has moved from the kid in the basement to professional organizations specifically designed to steal data,” he said.
He agreed that education is a key component. The Mizzou graduate is a territory account manager for SonicWALL, which has partnered with Personalized Computers. They’re presenting a network security seminar May 28-29 in Columbia.
Businesses can start to protect their networks with non-technological steps, Schmutzler said. He suggested small-to-medium-size businesses develop policies, such as determining which Web sites employees can use.
This includes shopping sites, because it’s “not just malicious threats, but threats to productivity,” such as an employee on an online auction site for eight hours a day, Schmutzler said. During March Madness, employees watching basketball online slowed a company’s system down to a crawl. The problem could have been avoided with a written policy limiting the hours employees can download streaming video. That policy can be backed up with equipment to control the company network.
Once business owners have a policy and educate employees, the next step to consider is technology. With Unified Threat Management (UTM), the user does nothing. The system is dynamically updated, and the signature is immediately written and applied. UTM includes gateway anti-virus, gateway anti-spyware and intrusion prevention services running on a firewall appliance at the perimeter, or edge, of the network, Schmutzler said.
“Most damage from a virus is done within the first four hours,” he said. This technology catches the threat before it hits the company’s network.
One trend is layered security, providing protection at several layers, from the client level/personal computer to e-mail to the firewall level.
Another trend is secure remote access. There’s the need to ensure those devices are safe, whether logging on from home or in an airport kiosk, Schmutzler said.