IHETS security group
General security advisory: December 2004
Contact: Tony McClelland, state networks senior engineer, tmcclell@ihets.org
We all use computers for work and/or entertainment. They have become an
integral part of our lives. We depend upon them for our jobs, communications,
shopping, etc. When our computers are compromised or not working properly,
we are affected. That raises three questions: why would someone want
to attack my computer, how do they compromise systems, and what can be done
to protect computer systems? I will answer these questions one by one.
Why would someone want to attack my computer?
Attacks happen for a few different reasons. One reason is that a computer
is simply there. Some attackers just enjoy seeing what they can get into
and really have no malicious intent. Usually script kiddies run these
attacks. It doesn't take much knowledge of how the system operates, and
all they do is download an attack and launch it against the Internet.
Other attackers are more serious: they feel that you have data on your
system that they want or can use, for example personal information, e-mail
contacts, and financial data. This information can be used for identity
theft or as a prelude to a larger-scale attack. Another reason to attack
systems is that a compromised host can be used as a launch point for other
larger-scale attacks, like a distributed denial-of-service (DDoS) attack.
This type of attack uses multiple systems to bombard an Internet Web site
in hopes of taking it offline. Compromised systems can also be used as
hacker currency that can be traded to other hackers for financial gain
or another compromised host.
How would someone compromise my systems?
Many ways exist to compromise a computer system. I will cover the most prevalent ways. Malware is a term used to describe a program designed for attacking computer operating systems. This is what most script kiddies use in their attacks. To use malware, all you need to do is download the program you want, install it on your computer, add an IP address or range, and click go. If the computer being attacked is susceptible to the malware attack, the program does all the work, and the system is compromised. Another, more serious attack comes from individuals who completely understand the operating system and how to exploit it. These attackers write their own programs, and if they work, these attackers will usually make their programs available to others. Systems also become vulnerable through social engineering attacks. Social engineering is an attempt to gain information about a computer system or organization for an attack by using our human nature to be trusting and helpful against us. These attacks are very effective a lot of the time, so be careful to whom you divulge information.
How do I protect my computer systems?
Keep your operating system up to date. Whenever Windows tells you there are updates available, always get the patch. This will help close the vulnerabilities of the operating system. Always run an antivirus program and keep it up to date. This is as important as keeping the patches up to date. To stop the social engineer, always confirm who you are divulging information to. Do not take their word for it. If you have any questions in your mind about the person or the information they are requesting, pass the individual off to a supervisor or the security group and let them handle the situation. If everyone would follow these few recommendations, it would put a big dent in attackers' ability to compromise systems. If anyone has any questions or concerns about computer security, please come by and see me.
The IHETS security team oversees and coordinates security efforts across the ITN network and internally within IHETS. This includes information technology, human resources, communications, legal, facilities management and other groups, to identify security initiatives and standards. We also recognize new developments in information security systems technology; anticipate organizational modifications; establish long-term needs for information security systems; plan strategy for developing systems; and acquire hardware to meet application needs.
