Hackers target home PCs

Attacks: High-speed Internet connections make some computers particularly vulnerable.

March 06, 2000|By Michael Stroh | Michael Stroh,Sun Staff

"I've Been Hacked ... Help!"

"Big Problem: Someone Hacked Me!!"

"Got Hacked -- And I Deserved It."

Their pleas fill cyberspace: home computer owners who've had passwords ripped off, disk drives ransacked and computers turned into "zombies" by hackers to do their bidding.

It wasn't always like this. In the past it was mostly heavy-duty government and corporate computers who fell victim to cyber miscreants.

But as high-speed Internet connections and home networks grow more common, experts say hackers are starting to add home PCs to their hit lists, too.

"They're becoming juicier targets," says Greg Gilliom, president of Network Ice, a San Mateo, Calif., company that makes anti-intrusion software.

The reason: Home computers with high-speed connections can be a valuable tool to hackers looking to go on a cyber crime spree. Another plus for hackers, experts say, is that unlike companies or government agencies, home PC users rarely employ security measures to keep hackers out.

This point was underscored in the weeks after high-profile attacks on Yahoo! and other large commercial Web sites, when computer security officials at James Madison University and other sites turned up tainted Windows 98 PCs that may have been used to carry out attacks.

Theoretically, any computer connected to the Internet is vulnerable to attack, but those with cable and DSL connections make particularly easy prey. That's because such connections are "always on" and typically have a fixed address in cyberspace, known as the Internet Protocol (IP) address. Using automated scanning tools widely available on the Internet, hackers scan these IP addresses looking for unprotected machines.

"These days it's pretty much point-and-click hacking," says William Knowles, a former hacker who now works as an online security consultant.

Dial-up modem users, on the other hand, are moving targets that are harder to hit because their Internet provider assigns them a temporary IP address every time they log on.

Most authorities say the odds of being attacked are still small, since fewer than 5 percent of Americans have high-speed cable or DSL Internet connections at home. But, says Knowles, that doesn't mean it won't happen.

"People think, who's going to want to hit my machine?"

That's what Michael Roman thought until he returned from a business trip and found his home computer sluggish and unresponsive. When he investigated, Roman discovered five people were logged onto his computer with him, some from as far away as Denmark.

"The cable modem was flashing like crazy," says the 44-year-old Toronto real estate appraiser. "I was freaked out."

Roman got lucky: It turned out the hackers were only after his large digital music library of Cat Stevens and Simon and Garfunkel tunes. But he says it could have been worse, since elsewhere on the computer were credit card numbers, bank account logs and other sensitive data.

"I thought if everything was password-protected, I was secure enough," he says.

Savvy consumers such as Roman are waking to the notion that they're not safe, and a handful of publishers now offer personal "firewall" software designed to block intruders. These programs can usually create log files of attacks which can be e-mailed to the user's Internet service provider in case of emergency.

Tim Adamczak, a retired police officer in Gilderland, N.Y., says his personal firewall has logged a half-dozen break-in attempts in the past few months alone. When he tracked them down, he found hackers from as far away as China and as close as Maryland.

Companies that offer high-speed service are also starting to pay attention to the problem. Excite@Home, which provides high-speed Internet service to cable companies around the country, including Comcast in the Baltimore area, recently struck a deal with software publisher McAfee to provide discounted anti-intrusion software to its customers.

Next-generation cable modems will have some protections built in, says Jay Rolls, vice president of network engineering at Excite@Home. But customers must still do their part.

PC owners with home networks, or who use software programs such as PCAnywhere that offer remote access to their machines, have to be especially vigilant.

But the best endorsement of all comes from hackers themselves.

"Install firewall software," a hacker operating under the name "Bad+apple338" told one security newsgroup recently. Or, he said, "We will come right through."

Net security

For more help, check out these popular Internet security products:

* BlackIce Defender from Network Ice. $40. www.netice.com

* Norton Internet Security 2000 from Symantec. $60. www.symantec.com

* ZoneAlarm from ZoneLabs. Free. www.zonelabs.com

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.