Make the Sick Internet Better

What do you think happens when you connect your computer to the Internet? In less than an hour, it may no longer be yours. While you are googling and checking email, a hacker in Eastern Europe (call him Ivan) may be quietly taking over your computer.

There are a dozen ways Ivan could go about it, but he probably found you with a program called a port scanner, which roams the Internet like a clumsy cat burglar, trying every door until it finds one left unlocked. Then he makes a connection to your computer, much like starting a chat session that is invisible to you, and uses it to deliver a “back door”, a small piece of code that lets him take charge of your PC whenever he wants.

You will not know it, but you are now part of a “botnet”, a small army of computers around the world that Ivan rents to organized crime rings, which use it to spew spam, steal identities, or hold corporate websites hostage (not to mention slow down your PC). Sound like a horror story? It happens to more than 300,000 computers per day: PCs connected to the Internet without safeguards such as a firewall, anti-virus software and an up-to-date OS.

According to the FBI, $67,200,000,000 was lost to online crime last year. Sure, there are ways to fight back: “zombies” (PCs secretly controlled by hackers) get shut down, and police have succeeded in tracking down and catching a handful of Ivans. But it is like a huge game of whack-a-mole. Knock the criminals over the head in one place and they pop up somewhere else. “No matter what solution you come up with, it takes the bad guys about five minutes to get it”, says Lance Spitzner, president of the Honeynet Project, which sets out vulnerable computers as bait so that researchers can study attacker behavior. “The creativity of cyber criminals is amazing.”

The fact is, the system is easy to game because it was never intended to be secure. The Internet was created 40 years ago so that university geeks could share research, not so that you could buy balls on eBay. As companies developed ingenious ways to build things like secure online credit card transactions, hackers came up with equally ingenious ways to get around them, starting a security arms race that Ivan and his comrades are winning so far. If we want to fight back, we need a new approach, something that changes the way we interact with the Internet and how the Internet functions.

Companies and organizations around the world are working on this kind of long-term solution, but one of the most radical ideas is being developed at Carnegie Mellon University’s CyLab, the world’s largest Internet security research hub. Founded in 2003, CyLab has 70 faculty researchers and 140 students on its Pittsburgh campus, with satellite facilities in Korea and Japan. Its approach is to make the Internet function like a biological entity that fends off attacks the way a healthy body fends off a cold; in other words, to build a network with an immune system.

“When we move toward this objective, we simply spend all our time solving new problems”, says Pradeep Khosla, Dean of Carnegie Mellon’s College of Engineering and co-director of CyLab. You cannot build something that is perfectly secure; what you can do is build something that anticipates attacks and survives them, so that it is harder and more expensive for criminals to do their thing. Fort Knox could be taken, but it would take a small army, and that would cut heavily into the bad guys’ profits.

CyLab has dozens of projects in various stages of development; many are years from implementation and would cost billions of dollars to put in place. But the following measures, building resistance to attacks and tracing their sources, are the necessary medicine for an Internet that gets sicker by the minute.

Remedy 1: Create Diversity on Your Desktop

Make software and operating systems that evolve when attacked, so the same trick doesn’t work on so many computers

In June 2004, Internet security experts discovered a vulnerability in Internet Explorer 6 that let attackers take over your computer when you visited an infected Web page. The attack took advantage of a flaw in how IE 6 managed security, fooling the browser into thinking that malicious code was in a so-called “trusted zone” on your local computer instead of on the Internet. Once a machine was infected, the attackers could do whatever they liked: delete files, install a key logger to steal bank account information, or turn your computer into a zombie.

The problem was so bad that the US Computer Emergency Readiness Team, a division of the Department of Homeland Security, urged Web surfers to stop using IE until Microsoft issued a patch, which it did in August of that year. The worst part? Every single copy of IE 6 contained the same flaw, so attackers had tens of millions of potential targets. “The reason that the human race is sturdy is that it has diversity in the gene pool”, Khosla says. “The problem with [software] is that each version has the same damned mistakes.”

CyLab researchers are studying how plants and animals evolve during an immune response, in hopes of emulating these processes by building software that evolves when it is attacked. If Explorer “evolved” a little to resist an attack, hackers would soon give up and find an easier target. CyLab imagines taking the idea a step further, creating applications or entire operating systems that would randomly change how they work, or execute their instructions in a different order each time they run. For example, each copy of IE might use a slightly different method for determining security zones.

The difficulty lies in replicating enough of the code so that every application does the same thing, without replicating its vulnerabilities, says CyLab’s technical director, Mike Reiter, who thinks we might begin to see programs like this in three to five years. “Why do we have epidemics?” Khosla says. “Not because there are germs out there. It’s because we can’t control their propagation. You can’t stop the dissemination of viruses and worms, but you can reduce their speed of propagation.”

Remedy 2: Boost Data Immune Systems

Protect corporate databases so they can’t be stolen from, and the networks around them so they can’t be brought down for ransom

Eran Reshef thought he’d figured out a clever way to combat spam. The CEO of Israeli company Blue Security created a method of flooding junk e-mailers and their clients with opt-out requests: essentially, spamming the spammers. Within a few months, Reshef claimed, six of the world’s biggest junk e-mailers had agreed to stop spamming his customers.

Then, this past May, a Russian spammer known as PharmaMaster fought back. Using a botnet, he launched what’s called a distributed denial of service, or DDOS, attack. If too many computers try to access a Web site at the same time, it overwhelms the servers that host the site and shuts it down. DDOS attacks do this relentlessly, keeping a company’s site offline until it agrees to pay a ransom.

And PharmaMaster didn’t stop there. He took down Blue Security’s blog service, its Internet service provider, and the security firm it hired to repel the original attack. Then he sent Blue Security’s customers e-mails infected with a virus. After two weeks of relentless attacks, Blue Security just gave up. At press time, Bluesecurity.com was still offline. (Reshef declined to be interviewed for this article.) Nobody knows how many of these attacks occur every year, because few companies admit to being attacked for fear of revealing their weaknesses. Today DDOS attacks are largely fought by redirecting the enormous amount of traffic to servers that can handle it. Often companies hire firms that specialize in such defense.

Someday these attacks could be solved by self-healing networks that keep functioning while under fire, the electronic equivalent of functioning with a cold. But such systems are still years away from being built in the lab, let alone deployed across the Internet. CyLab is not even working on them yet. But even if it cannot yet protect a network from being attacked, it can at least protect the large databases of information (say, a bank’s customer data) that sit behind these networks. A version of these so-called survivable data storage systems is available at CyLab today.

One way to think about CyLab’s system is to imagine a database as a sheet of paper. If you tear the paper into 1,000 differently shaped pieces and store them in 1,000 different places, you make it harder to steal. But if an attacker finds and destroys just one piece, you can’t reconstruct the paper. If you make four copies of the paper, though, cut each copy into 1,000 different pieces, and store all the pieces on 1,000 different computers, you’ve made the target so big and elusive that an attacker can’t possibly take down enough of it to cause you problems. And because there are copies of every bit of data, the system itself can replace any compromised pieces. “An attacker would have to take down 80 percent of your computers to bring the system down,” Khosla says. “Even if you’re under a massive attack, it won’t totally die.”
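The paper analogy above, as an added Python sketch (not CyLab's code; the article does not describe the real system's encoding). The function names, the fixed placement rule and the SHA-256 digests held by a trusted client are assumptions made for the illustration, and the sample data is constructed. It also shows the failure case: a piece is gone only when every machine holding a copy of it is lost.

```python
import hashlib

COPIES = 4  # the article's "four copies of the paper"

def placement(idx, n_nodes):
    # Assumed layout rule: space a piece's copies evenly around the nodes.
    return [(idx + k * (n_nodes // COPIES)) % n_nodes for k in range(COPIES)]

def store(data, n_pieces, n_nodes):
    size = -(-len(data) // n_pieces)  # ceiling division
    pieces = [data[i * size:(i + 1) * size] for i in range(n_pieces)]
    nodes = [{} for _ in range(n_nodes)]  # one dict per machine
    for idx, piece in enumerate(pieces):
        for n in placement(idx, n_nodes):
            nodes[n][idx] = piece
    return nodes, [hashlib.sha256(p).digest() for p in pieces]

def read_piece(nodes, idx, digest):
    # Accept only a copy whose hash matches; tampered copies are skipped.
    for n in placement(idx, len(nodes)):
        piece = nodes[n].get(idx)
        if piece is not None and hashlib.sha256(piece).digest() == digest:
            return piece
    return None

def reconstruct(nodes, digests):
    pieces = [read_piece(nodes, i, d) for i, d in enumerate(digests)]
    return None if None in pieces else b"".join(pieces)

def repair(nodes, digests):
    # Self-healing: rewrite each missing or bad copy from a verified one.
    written = 0
    for idx, digest in enumerate(digests):
        good = read_piece(nodes, idx, digest)
        for n in placement(idx, len(nodes)):
            if good is not None and nodes[n].get(idx) != good:
                nodes[n][idx] = good
                written += 1
    return written

def demo():
    data = bytes(range(256)) * 5  # constructed 1280-byte "database"
    nodes, digests = store(data, 40, 20)
    nodes[:10] = [{} for _ in range(10)]  # half the machines wiped
    nodes[10][0] = b"\xff" + nodes[10][0][1:]  # a surviving copy tampered
    survived = reconstruct(nodes, digests) == data
    rewritten = repair(nodes, digests)
    for n in placement(0, 20):  # every holder of piece 0 lost at once
        nodes[n] = {}
    return survived, rewritten, reconstruct(nodes, digests)
```

`demo()` returns `(True, 81, None)`: the data survives the loss of half the machines plus one tampered copy, repair rewrites 81 copies, and reconstruction fails only once all four holders of a single piece are gone.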

Remedy 3: Find the Source of Infections

Fix the backbone of the Internet so criminals can’t hide their tracks

Diagnosing anthrax or another infectious disease is easy; the hard part is finding where it came from. Today’s Internet has a similar problem: Malware is easy to spot, but its origin is often a mystery. Information travels around the Internet in data packets, each one with an Internet Protocol (IP) address, a 12-digit number that indicates from which machine it originated. Unfortunately, it’s easy to “spoof,” or fake, the IP address to hide the data’s actual source. (There are even legal tools you can use to hide your computer’s IP address so that you can surf the Web anonymously.)

CyLab’s Fast Internet Traceback (FIT) technology can follow every packet as it moves over the Internet, “like a trail of breadcrumbs”, says Adrian Perrig, assistant professor of electrical engineering and computer science at Carnegie Mellon. With FIT, each packet would get a small mark added to it as it passed through a router, a machine that relays and forwards Internet traffic.

These marks would enable computer forensics experts to identify the routers a packet had passed through and ultimately trace the data back to the computer that originally sent it, whether that was Ivan, a botnet or just an angry teenager, and choke it off. But for FIT to work, Perrig estimates, at least one third of the Internet’s routers, around 100,000, would need to be updated, a process that would take many years and cost billions of dollars. Even tracing packets gets you only so far, says Bruce Schneier, founder of the California-based consultancy Counterpane Internet Security.

“It is easy to prove that your computer is doing something, but it’s hard to get from your computer”, he explains. That is, the chain of evidence breaks when you try to prove that Ivan’s fingers were on the keyboard. For that you need a way to authenticate his identity completely, such as biometrics. But this in turn gives rise to serious privacy concerns. Do you really want Uncle Sam or your boss to see where you go on the Internet? What if you’re a political dissident in Iran or China?

CyLab has policy experts who deal with these types of issues, which may prove harder to solve than the technical ones, given the international nature of the Internet. Achieving a survivable, self-healing Internet will be difficult, but not impossible. “If you want to eradicate disease from this earth, the problem is insurmountable,” Khosla says. “But if you want to eradicate smallpox, polio, measles or malaria, each problem is very difficult, but on their own, none are insurmountable.”

Three More Security Solutions

Promising weapons in the fight against identity thieves and computer-killing viruses

Grey

A way to use biometric security in your cellphone to verify your identity

Who: Carnegie Mellon CyLab

Problems addressed: Identity theft, fraud, unauthorized access

How it works: Before you can log on to, say, your online bank account, the computer sends a message to your phone to verify that you should have access to that account. You type a PIN into the phone and use the phone’s camera to take a facial-recognition scan. The phone delivers the information to a server, which gives the go-ahead to your bank’s Web site to let you log in. An early version of this system opens doors at CyLab today. The technology, named for telekinetic “X-Men” character Jean Grey, could ultimately replace passwords, security badges and the keys in your pocket, says Mike Reiter, CyLab’s technical director.

When: A few years

More info: www.cylab.cmu.edu

Vigilante

Software that can recognize and stop never-before-seen viruses

Who: Microsoft Research

Problem addressed: Rapidly spreading viruses

How it works: Vigilante is a small program that sits in a computer’s memory and constantly scans for suspicious behavior. Once the program recognizes an attack, it generates a security alert to other machines on the network. They then create a filter so they can identify any mutations of the attack and stop them from executing, with no human intervention needed. “If you want to contain fast-spreading attacks, humans simply can’t be involved,” says lead researcher Manuel Costa. “It takes them too much time to look at things.”

When: Unknown

More info: research.microsoft.com/vigilante

Shibboleth

A system that confirms users without revealing personal data

Who: Internet2 consortium

Problems solved: Identity theft and protecting online privacy

How it works: Shibboleth passes on only the barest minimum of personal information needed to sign on to a site or to complete a transaction without your having to disclose your identity. Penn State University students use it to log on to a free legal music download site. Shibboleth ascertains that they’re enrolled students without matching their names to the music they’ve downloaded. By giving out less information, you reduce your risk of identity theft, says Ken Klingenstein, director of Internet2’s Middleware Initiative.

When: Now

More info: shibboleth.internet2.edu

Who Are These Criminals?

Meet the Internet’s new bad guys. Where once “script kiddies” (young amateur hackers) wrote viruses just to cause havoc and show off their skills, they’re now building “zombie farms” (armies of PCs controlled from afar) and renting them out to the highest bidder on underground forums you’d never find with a Google search. Increasingly, they’re being hired by organized crime syndicates to steal identities and hold corporate Web sites hostage.

“Ten years ago we talked about the Internet as the Wild West,” says Peter Swire, a law professor at Ohio State University and a former top privacy official in the Clinton administration. “Now it’s more like gangland Chicago in the 1920s. The threats come from organized crime, not lone cowboys.”

These cyber-crooks may be dispersed across the globe, each with his own specialty. “This is not your traditional La Cosa Nostra type of organized crime,” says Dan Larkin, unit chief for the FBI’s Cyber Initiative and Resource Fusion Unit in Pittsburgh. “In many cases, they don’t know each other personally, just by trade and screen name.”

These gangs in turn may be linked to criminal groups in Eastern Europe, West Africa and South America, Larkin adds. And although international cooperation is steadily improving, he says, pursuing and prosecuting cyber-criminals thousands of miles away remains an enormous challenge.

If a criminal lives in Eastern Europe and the local authorities have more important crimes to deal with, there’s not much that can be done, admits Jody Westby, CEO of Global Cyber Risk, a Washington, D.C.-based security consultancy. And what might be illegal in the U.S. isn’t necessarily outlawed overseas. “Cyberspace has no borders, but law-enforcement agencies and diplomats do,” she says.

Worse, international crime outfits are beginning to pool their efforts, making them even more of a threat, Westby says. “The Nigerians, who are expert at taking over accounts, are cooperating with the Chinese, who are expert at counterfeiting. We’re facing a more sophisticated criminal operating environment, yet we’ve not gotten more sophisticated in our ability to catch them. They have an advantage, there’s no question.”
