Small Business's Networks Are Not Immune to Hackers' Attacks
Stan Choe of The Charlotte Observer reports that "They're out there. For profit or for fun, those worms and viruses -- along with the human hackers who create them -- constantly probe computers for weaknesses. Chances are, if your computer is patched into a network, someone is poking around right now, or will be within the hour, security consultants say.
Target: Small firms Small businesses are especially attractive targets for hackers, security firms say. Unlike large corporations with their large resources, small businesses often don't have full-time staffs to shield themselves. Many also mistakenly believe hackers are attracted only to big-name businesses......
Small Business's Networks Are Not Immune to Hackers' Attacks
BYLINE: By Stan Choe
BODY:
Code Red. Melissa. I Love You.
Some hackers are just voyeurs, interested in reading your private files. Others are vandals, hoping to snarl your systems or create mayhem in your business. The worst are thieves, hungry to steal information like credit card numbers or other data they can use
to make money. The good news is: While hackers and viruses are far more prevalent than many people realize, and while the damage they cause can be great, computer users can employ simple tools and techniques to defend themselves.
But everyone, from Fortune500 companies to your personal PC, is a target for viruses and
worms. Both are passed indiscriminately through e-mail attachments and infected floppy
disks, and both can damage hard drives. Worms burrow into e-mail address books and send
themselves to as many people as they can, bogging down networks.
Hackers, meanwhile, often go after smaller companies' networks, hoping to use them
together to launch a coordinated attack against big-name marks, security firms say.
By launching multiple attacks from the smaller companies' networks, hackers can better
hide their origins, said Charles Hutson, vice president of technology and services for
ColdLabs, a Charlotte network security firm.
Home users, though, are much less at risk of being hacked. Servers, the machines that
connect computers to networks, are easier and more attractive targets than personal PCs,
security analysts say.
Potential damage for a home user could run from deleted files to agonizing system crashes
and a bogged-down hard drive.
For servers, the damage could be much more devastating. Hackers could steal credit card
numbers, copy customer lists or leave doors open for further, deeper access. Companies,
including at least one from the Carolinas, have found hackers running porn sites from
their own servers. That action steals a company's server capacity and puts the company at
risk of prosecution if the site offers illegal underage porn.
And hackers, worms and viruses are relentless.
About a dozen viruses try to get into Charlotte's Coca-Cola Bottling Co. Consolidated
every day, said Warner Watkins, the bottler's senior security specialist.
Completely securing yourself from every danger is near impossible, experts say. But being
a smidgen tougher to crack than the next person helps immensely, they say. Unless they're
determined to crack a specific company (think eco-terrorists after an oil company),
hackers usually move on to easier targets after meeting any resistance, said Jack Wiles, a
network security expert in Rock Hill.
Many of the perpetrators are running programs they found on hacker sites around the Web.
Because the programs are automated, they're not able to sneak around unexpected blockades
target companies put up. The bottom line: Most of these kinds of hackers are easily
thwarted by the home or office computer user.
Hackers who run automated programs "are not that sophisticated," said Coke's
Watkins. "They're not even probably sure about what to do when they get in, maybe
paint their Kilroy there."
Usually, hackers are merely curious and don't have malicious intent, Wiles said. "But
by the same token," he said, "I don't want to be the one they get curious
with."
And even if hackers don't get sensitive secrets or erase important files, they still can
cost businesses thousands of dollars in lost time and sales, as Steve Schwartz learned
last month.
A circuit breaker had tripped at his Myrtle Beach software company at 5a.m. that morning.
UniTrends Software Corp. writes recovery and backup software for corporations.
As Schwartz, the company's president, booted machines back online, he found a strange
entry in the computers' logs. A hacker had come through a secure shell, an access into the
servers meant only for specific users and protected by passwords. The hackers had
infiltrated.
Schwartz would never have known about the breach but for the tripped circuit breaker. (He
still doesn't know what caused the breaker to trip.) The hacker was trying to cover his
tracks exactly when the power cut. His actions were frozen in the logs, akin to an
aeons-old mosquito caught in amber. The hacker, who goes by the name Lucifer, was from
Romania, Schwartz said.
Schwartz and his staff of five quickly began cleaning out their computer systems, deleting
everything and loading backup software. The employees spent about 10days scouring their
servers and computers. They blocked all incoming e-mail. The company couldn't do any other
work, couldn't sell any products. Total cost of the 10-day cleanup of UniTrends' hacked
system: $ 20,000 in lost revenues, Schwartz said.
While they cleaned the network, company employees found a secret file, set up by Lucifer
to store tools to attack other companies' servers. Schwartz's personal computer sometimes
refused to acknowledge key strokes; he would hit a key, and nothing would appear on the
monitor. "It was as if they were stealing my characters," he said. At least
every half-hour, hackers tried to get back into the server. They were trying to enter via
other companies' servers, such as America Online, hoping to hide their origins.
To prevent further attacks, UniTrends no longer allows outside computers to dial in to the
server. All work must be done in the office. It also continues to diligently make backup
software. "They ruined the computers," Schwartz said, "but because we had
good backups, we were able to bring them back."
To protect and defend Security experts offer the following advice for protecting your
computers:
Get a firewall.
A firewall is a combination of hardware and software that acts like a security guard in a
building's lobby. It checks for proper identification and passwords before allowing access
into servers. Firewalls can block certain computers from accessing the server. For servers
that host Web sites, the firewall will allow most people onto the site but not into the
server itself.
Even home computer users should get firewalls, especially if the computers connect to the
Internet via cable modems or Digital Subscriber Lines (connections that are always on),
said network security expert Wiles. "It's incredible the number of attempts,"
Wiles said. "I had an attempt in less than five minutes after installing a firewall.
There's just so much random probing."
You can download some firewall programs for free online, or you can buy software packages
at computer retailers.
Firewalls can range from free to thousands of dollars, depending on service.
Of course, firewalls aren't foolproof, and hackers often attempt to break in through holes
and weaknesses of computers' operating system software. To prevent these types of
break-ins, you should:
Make sure to regularly download software patches, which close openings hackers find in
operating system software.
As soon as software companies find holes that hackers can abuse in their programs, they
often make "patches" to cover them. These patches are available to download for
free at the companies' Web sites, such as www.msn.com
and www.securitynewsportal.com.
By keeping up to date on patches, computer users will offer fewer entrance points for
hackers. It's especially important to update often, Wiles said. Delaying downloading the
patch until after work gives hackers that much more time to take advantage of that hole.
Many of the patches are relatively easy to download, taking only 30seconds on a 56k
dial-up modem.
If your company's Web site is hosted by another company, be sure to check its reputation.
When another company's server hosts your Web site, they hold the keys to the public face
of your company on the Internet. Make sure network security is a top priority for the
company. Ask around and see which companies get the best recommendations.
Get and regularly update anti-virus software.
This is often also available for free around the Web. Norton, by Symantec, is one of the
most popular anti-virus software programs, available for a free trial at www.norton.com. The anti-virus software
keeps an updated database of known viruses and blocks their entrance into your computer.
Viruses attack personal computers as well as servers, through e-mail attachments and
infected floppy disks. It's important to update the anti-virus software often, as
anti-virus companies discover new strains.
Viruses can delete files or make working on your computer a near-impossibility.
Like viruses, Trojan horses are passed through infected disks and e-mail attachments.
Trojan horses leave back doors open in computers and servers, allowing hackers to enter
whenever they want.
A simple way to avoid viruses and Trojan horses is to steer clear of e-mail attachments
from unfamiliar addresses. Also, be sure to scan all floppy disks for viruses and to
disable your e-mail program from opening attachments automatically.
Be sure to check rumors of viruses and worms for hoaxes.
Many computer users frantically pass on messages warning of viruses. The messages, often
forwarded thousands of times, advise to avoid messages with certain subject headers.
Unfortunately, many of these warnings turn out to be false, and passing along the message
merely bogs down the system. With everyone forwarding on the message, the servers have
less capacity to do real work. Many sites on the World Wide Web, such as www.ciac.org, list hoaxes.
Report any network break-ins to law enforcement officials and your system administrators.
Many companies are nervous about letting anyone else know their network has been
compromised. It decreases public trust, and no one wants to be known as a mark. But
reporting to the Federal Bureau of Investigation, Secret Service or local police helps
warn others who might fall prey to the same saboteurs.
Change passwords often and use obscure ones.
This is the most obvious and perhaps the easiest security measure. You should change your
passwords every 30 to 90days, Wiles said. Also, something as simple as having a numeral in
your password makes it more difficult for hackers to crack.
Join local network groups, where people discuss network security.
Shared knowledge and joint efforts always help. Several networking groups exist in the
area, such as Infragard, a collection of private and public entities.
Be wary when you pick up the phone and hear what seems to be a fax machine.
Sometimes, it's a hacker trying random telephone numbers to see if there's a server on the
other end. The method, called war-game dialing, often is a shot in the dark as hackers
search for weakly protected servers. Report these to your administrators, who should pass
on the information to law enforcement.
Of course, a company can face a hacking threat from one of its own employees. An
employer's best prevention for that is to take great care in hiring and firing.
The key to healthy network security, experts say, is to treat it as something as important
as sales or marketing.
"Paranoia will never be the answer," Wiles said. "We don't want people to
be afraid, just a little more careful."
-----
To see more of The Charlotte Observer, or to subscribe to the newspaper, go to http://www.charlotte.com.
