|
At its next General Meeting on April 1, DACS will welcome back Jeff Setaro, resident computer security guru, for an update on virus prevention. At press time, Jeff was preparing additional content to his standard presentation, along with a detailed look at the latest weapons in the epic battle for cyberspace. You can see the latest version, and download a printable handout from our Web site www.dacs.org. April 1st would seem a fitting occasion for a presentation on computer security. After all, fools have always been the easy first targets of hacker mischief, and given the propensity of fools to repeat their mistakes, they have only themselves to blame. However, as hacker attacks evolve and become more sophisticated, innocent third parties–including major Internet companies--are increasingly being drawn in, and the potential damage is rising exponentially. With about 10-20 new viruses, worms and Trojan horse programs discovered every day, new words are being added to the lexicon to describe them. The latest is malware, a generic descriptive which is short for malicious software, designed specifically to damage or disrupt a system, such as a virus or a Trojan horse. As the theater of operations moves to corporate servers and major Web sites, hackers are setting aside their code-based invasive programs that attack the host computer or send out copies of themselves to mailing lists in favor of more strategically targeted programs that use the host as a launching pad for mass destruction. These are dubbed distributed denial of service attacks (DDoS), and they work by sending out a blizzard of instructions from a host of compromised systems (zombies) to target Web sites that tie them up in petty operations and thus deny them the ability to carry out their egitimate tasks. One security expert described the process as “getting pecked to death by ducks.” Distributed denial of service attacks first got underway in 1999, and in the following year began to command attention with one that crippled CNN, Yahoo and eBay. More recent variants are getting more sophisticated in their targeting instructions and are proliferating much faster. The Code Red worm in 2001 doubled about every 37 minutes, while the newer SQL Slammer (pronounced “sequel” or Microsoft’s database program) managed the same task every 8.5 seconds and spanned the globe in only 10 minutes. The growing threat is exacerbated when you consider that there are at least five networks of zombies with as many as 7,000 to 140,000 computers in each that could be harnessed to spur DDoS attacks, potentially bringing Internet commerce to its knees. But if malware is increasingly going after the big fish, why should us little guys be concerned? For one thing, we all suffer when our favorite Web sites are brought down. Even more importantly, the proliferation of high-speed Internet connectivity that is always on is making our home PCs the gateway for most attacks. Our negligence in providing a vector for transmission of computer viruses is at the root of the problem–and negligence is a favored term among the legal profession. Come to the April DACS meeting at Danbury Hospital auditorium to hear about the latest in virus technology and how to protect your system from it. The meeting starts with casual networking at 7:00, followed by a business meeting at 7:30 and the scheduled presentation at 8:00. The meeting is open to the public, so bring a friend. |
|
