Not Rocket Science

Dec. 21, 2004
The tools of electronic theft are easy to obtain.

The technical methods used to grab data stored in computer networks is surprisingly simple. Most of the software, freely available off the Web, is about as complex as filling out a purchase order. In his San Francisco office, Yobie Benjamin, director of Cambridge Technology Partners Enterprise Security Services Div., starts by doing a keyword search on the Internet for "mail bombs" and gets 141,791 matches. He picks a site and completes a form, which sends 25 e-mails to a co-worker whose machine shuts down and needs three reboots to restore. This attack could be used to turn off a firewall. During the confusion, the attacker could open a backdoor into the network. If the attack is launched against a commerce-based Web server, the downtime alone could be costly. Other methods used to penetrate information systems include:

  • Port scanners that look for open Internet and fax/modem ports.
  • "Nukers" that flood those same ports with data and render them defenseless to intrusion.
  • Ping-flooding, which shuts down the firewall server by flooding it with too many requests for information (pings).
  • IPspoofing, in which machines that direct traffic are tricked into thinking the attackers machine is another trusted machine on the network.
  • Sniffers, software that downloads passwords, then runs them against "dictionaries" of potential passwords.
  • Trojan Horses hidden in executable (".exe") code such as mail attachments. At DEFCON (an annual hacker conference) in July, a hacker group called Cult of the Dead Cow unveiled Back Orifice, a Trojan Horse that allows anyone sitting at a remote location to watch and control all machines connected to a network. Businesses should be particularly afraid of this one, says Benjamin. "There are versions [of Back Orifice] that now are packed with the e-mail buffer overflow flaws found in Microsoft, Netscape, and Eudora Mail products. With these, a victim would have no conceivable clue that his machine was attacked."
The easiest way to download the contents of a machine is to plug into the printer port, says Michael Anderson, president of the Gresham, Oreg.-based computer forensics and security training center for corporate technology specialists called New Technologies Inc. High-tech bugs, a la James Bond, also are finding their ways into corporate boardrooms and offices of CFOs. U.S. Customs, for example, is confiscating a number of listening devices tucked inside office supplies -- clocks, pens, billfolds, etc. Secret Service Special Agent Bob Weaver, who heads the New York Area Electronic Crimes Task Force, displayed hundreds of such gadgets on a conference table in Manhattan this year. "Things are only going to get worse. Technologies are changing so rapidly. ESIDS [Electronic Surreptitious Interception Devices] are getting smaller, better, and easier to use," says Customs special agent in charge Bill De Armond.

Sponsored Recommendations

Voice your opinion!

To join the conversation, and become an exclusive member of IndustryWeek, create an account today!