Security on the Internet

Security on the Internet

Today's information is highly interconnected by the internet. With this interconnection of computer systems through the internet comes computer crime. Breaking into computer systems, damaging information, and stealing information, more commonly known as hacking, has become extremely common on the internet. As hacking becomes more frequent, and as some would say, more of a problem, should we consider hacking a criminal activity?

Information from across the world is stored on computer systems-most of which are connected, networked, to other computer systems through the internet. "In the ideal situation, this interconnection of information enables others from outside a specific computer network to access that specific computer network and its information." (Amoroso, 2003) This has created a world in which information is extremely important and extremely easy to access, which in turn has created a government, business, and personal society that is dependent

on and successful from the networked information.

But this network also has its drawbacks. Besides enabling people who need to use the information for legitimate business or personal use to gain access, the network also-often unknowingly-enables unauthorized people to gain access to the information; in one way or another, no matter what kind of network security they have implemented. Gaining access to a computer system that does not intentionally allow you access is called hacking.

Microsoft's Internet Explorer has it's flaws, and criminal hackers cracker know it. In recent weeks, these evildoers have staged several well-orchestrated Internet Explorer attacks designed to steal your banking and credit card information. The result has been that you can't trust the internet. How will you know if a secure site is truly safe? Here's a look at what's wrong with internet security and what you can do to keep your data under lock and key.

That issue is not the only one, but several flaws are contained within internet. Some well known and some not so well known so-called zero day attacks. All of the serious attacks also use tiny apps called keystroke-logging Trojan horses, which capture IDs, passwords, and credit card information as you type them. And all of the attacks so far happen without users even suspecting there's anything wrong.

Elements of the Russian mafia coordinated a brilliant attack that turned the Internet into millions of points of digital infection. First, the Russians (or their hired hackers) managed to secure malicious code on vulnerable Microsoft IIS Web servers worldwide. Then, using flaws within the internet, JavaScript automatically downloaded whenever a user visited an infected site that included popular search and auction destinations. That JavaScript in turn downloaded a keystroke-logging Trojan horse from another server located in Russia. The attack ended once the Russian server was taken offline.

A second attack targeted accounts with major financial institutions, such as Citibank and Deutsche Bank. Spread by pop-up advertising, which in turn loaded malicious code, this attack uses a Browser Helper Object (BHO), a type of file that developers frequently use to monitor Internet Explorer sessions. In this case, whenever a user visits a banking site, just before the encrypted secure socket layer (SSL) session starts between user and bank, the Trojan records all the POST and GET information before it is encrypted. The Trojan then starts its own encrypted session, sending your personal banking data to a remote server.

How could this happen? Blame monopolies. When Microsoft launched its browser war against Netscape a few years ago, we may have all lost. By encouraging Web site developers to "optimize for Internet Explorer," (Fream, 2001) Microsoft killed off the competition by offering Web surfers flashing images and pretty sounds. Internet Explorer now holds a commanding 95 percent of the Internet browser market. Because of that market dominance, however, Internet Explorer engineers have been lax about browser innovations and battening down its hatches.

In the wake of these serious security events, the software giant posted instructions to secure your Internet Security. In a nutshell, the instructions say to increase the security settings within Internet browser, turn off JavaScript and ActiveX, and start reading e-mail in plain text. In other words, we should turn off everything Web developers have been told to optimize for. No more flashing images, no more cute sounds, just bland old, flat Web pages. And if you do follow these instructions, many Web sites you use every day simply will not work properly.

There's one flaw that Microsoft fixed six years ago in Internet Explorer 3.0 and 4.0 that has resurfaced in versions 5.01, 5.5, and 6.0. And there are a few new gliches within the internet that even the software giant in Redmond, Washington, didn't know existed, despite its own efforts, a.k.a. Microsoft's Trustworthy Computing campaign. To its credit, Microsoft has since posted a patch for one of the new Internet Explorer flaws, but they may have waited too long, and this patch still doesn't resolve all the problems.

"As more Windows users agreed to receive security upgrades automatically, hackers looked to take advantage of other software programs that might not be patched as frequently." (Sullivan) The crisis with Internet Security is so bad that the U.S. Computer Emergency Response Team (US-CERT) now recommends that you move away from Microsoft Internet Explorer. You have "Netscape 7.1, Mozilla 1.7, and Opera 7.5 to choose from. Short of bailing from internet, you can also stop remote-access Trojan horses with a good personal desktop firewall such as ZoneAlarm or those included within Norton Internet Security and McAfee Internet Security. Finally, several of the banking Trojans can be removed with apps such as Spy-bot Search and Destroy and Ad-aware, as well as your favorite anti-virus app" (Cohen, 2004). If you aren't currently checking for spy-ware, you should be. And if you aren't running anti-virus protection, well, now's a really good time.

Security causes many problems for networked information. Hackers can change and damage information, they can sell information, and they can destroy information. They can even destroy the computer systems the information is stored in. It is estimated that Internet Security have caused between $145 million