The bad guys of the Internet are fleecing ignorant computer users at an alarming rate, in an unprecedented crime wave that leaves law enforcement barely able to even stay in the race. The situation has gotten so out of hand that Internet service providers (ISPs) like AOL and SBC have even started offering free antivirus software to their customers.
The point of this series of articles is to help computer users at home and in the office minimize the risks they take when they “log on.” However, it is important to first understand the gravity of the situation. While getting free antivirus software is nice, you cannot trust your ISP to protect you.
I recently helped a client that was complaining that his computer was operating “way too slow,” and that he wasn’t able to update his business software. I managed to pry three viruses out of his machine, along with a couple of back door “trojan” programs, and 148 instances of spyware and adware. I also removed 6 porno movies and three file transfer programs that had been installed without his knowledge. To his great shock and dismay, I informed him that his computer was being controlled remotely by a bad guy to distribute pornography. With no little effort, I cleaned, patched and “locked down” his computer, and gave him a list of Internet “do’s and dont’s.” It could have been worse: sometimes the only choice is to erase everything from a computer’s hard drive, and rebuild it from scratch.
The scary part of the story is that this man’s computer is the main computer at a local insurance agency. His office had no real rules for computer/Internet usage, and employees were allowed to use the machine as they pleased. This offices computers handle sensitive personal information every day, such as credit card, Social Security and bank account numbers, passwords, and the like. How much of this information may have fallen into the hands of the bad guys, I don’t even want to know.
I often hear ignorant computer users smugly declare, “I don’t care about Internet security, because there’s nothing important on my computer. Nobody would want to mess with me.” However, many bad guys could care less what’s on your computer. For them, the goal is to secretly control other computers, using them to attack other computer systems, or (among other things), even distribute pornography.
You may remember hearing in July, 2001 about the Code Red virus. Hundreds of thousands of unsecured computers infected with Code Red were poised to attack the White House’s website all at the same time. Had the White House not changed its numerical Internet address at the last minute, it would have been devastated. Even so, Code Red and its cousin, Code Red II, caused economic damage in excess of $2 billion.
Next time, on our way to outlining a computer security plan, we’ll look at some hard, but unavoidable, statistics.