[July 19, 1999]
E-Breaking And Entering, Via Broadband
Last night, a burglar broke into my home. He stole my most sacredly held possessions,
vandalized my personal space, took my credit cards, and left without a trace. When I
learned what had happened, I felt violated. How could this happen to me?
The scenario above is contrived, but had my ordeal been real, I wouldn't have contacted
the police and filed a report. Why? I knew there were no fingerprints. No clues to trace,
no footprints, no traces of blood, no DNA to use as a genetic fingerprint, and surely no
gloves at the scene of the crime that could be matched up with a suspected assailant. How
could I be so sure?
Simple. The entire crime I just described took place electronically -- no breaking and
entering, no broken glass, and no physical traces that are usually associated with crimes
of this genre. This is cyber crime at its best, e-breaking and entering so to speak -- and
it's brought to you courtesy of the latest generation of broadband Internet access
solutions, AKA cable modems and DSL connections.
I remember the mixed emotions I had when our first servers at TMC were connected to the
Internet. Sure, firewall technology is always improving but hackers become more clever by
the nanosecond and the common belief in the IT community is that if someone really wants
to break into your computer system, they will. In fact, one of our Linux machines did get
hacked recently and our own webmaster Robert Hashemian tells the tale of tracking a hacker
in his Reality Check column "Hacker Attack: Are You Next?" in Internet Telephony magazine.
Even our own government, which (theoretically) has unlimited resources to fend off hacker
attacks, regularly has its systems broken into.
Perhaps I shouldn't have been surprised, but when one of my coworkers told me they read
about a case of someone's home computer being hacked through a cable modem connection, my
jaw dropped. The hacker's victim wasn't a server -- the typical hacker target -- but an
unsuspecting client. A client isn't a machine you automatically think might be at risk of
an incoming hacker attack. Of course, the reason our office computers make a relatively
easy target for hackers is that they have a fixed IP address as well as a high-speed
connection. A hacker can do a great deal of damage in a short amount of time at
multi-megabit connection speeds -- that is, once they've broken in. There is always a
certain amount of danger that comes with putting any computer (no matter how tight your
security) on the Internet.
Last week at a TMCnet.com appreciation lunch I mentioned the topic of cable modem
security and I began to explain the potential for
hackers to break into computers connected to cable modems. I expected my coworkers to be
as surprised as I had been, and to thank me for my cautionary advice. Instead, two of the
six people in my immediate vicinity told me they already have cable modems in their house
and that they also have home networks with Linux boxes as firewalls! I tend to think that
people who work at TMC with Linux-based firewalls in their homes must be the exception
rather than the rule. A cursory search on the Web for issues concerning cable modem
security didn't result in an overwhelming quantity of hits, so I believe the security
issue still needs more explaining to the general public.
The situation gets worse quickly as you start to think about the ramifications of the
hacker who penetrates a home-based network loaded with networked devices. Indeed, one of
TMCnet.com's columnists, Laura Guevin, recently wrote about the networked home in her column
titled "A Better Coffeemaker Through Smart Networking." In this column, she describes the bright
future available to all of us once our electronic devices are connected to our home
networks: Easy and automated control of home alarm systems, coffee makers, lights,
televisions, climate control, and other appliances.
After reading Laura's excellent column and thinking about the potential for home
computers with broadband connections to be hacked, I started to think. Can a hacker who's
broken through a broadband connection have access to everything connected to my networked
home? The answer is a resounding YES. Beyond that, they may have access to your e-mail,
and everything else on your computer. Given access to your machine, a clever enough hacker
can also trick you into disclosing your most secret passwords -- giving them access to
every system you have access to. They can even disable your home alarm and then rob you.
There are some simple things you can do to protect yourself from the possibility of a
hacker attack. First, close up all of the obvious security holes in your system. Hackers
often use tools that scour the Internet for computers that have weak security and compile
a list of these low security systems for later hacking. Here are a few obvious tips to
help you brush up on security. Please do not use the remainder of this column as the heart
of your enterprise security policies but do use it as a starting point. Realize that no
matter how secure you think your computers are, hackers are forever looking for more
security holes in your OS to breach. This is one of the reasons that NT systems are a bit
more difficult to hack than UNIX as the latter are open source and as such, hackers know
the ins and outs of the OS internals and have an easier time finding security holes.
The first thing you want to do is go into your Windows help file and locate information
on access control. This will give you a good overview of how Windows file sharing works.
Assuming there is no reason for any other computer to be accessing the files on your
hard disk over the network, make sure you configure Windows accordingly. In Windows 98, go to
your Control Panel and then click on Network. Look for the network component that connects
to your broadband connection. In my case, it was labeled:
TCP/IP --> 3Com-3C574-TX_Fast_Etherlink_PC_Card
Once you find the correct component, click on "File and Print Sharing" and
disable file sharing access to your computer. You should also go into Windows Explorer and
right-click on your drives to make sure they aren't being shared without your knowledge.
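
One way to confirm that the steps above took effect, as an added example that is not part of the original column: the Python script below tries to connect to the file-sharing ports on the machine it runs on and reports any that still accept connections. The port numbers (139 and 445) are the well-known assignments for Windows file and printer sharing and are not named in the column; the function names are made up for this example.

```python
import socket

# TCP ports used by Windows file and printer sharing (well-known assignments,
# not taken from the column): 139 = NetBIOS session service, 445 = SMB over TCP.
SHARING_PORTS = {139: "NetBIOS session service", 445: "SMB over TCP"}


def local_addresses():
    """Return loopback plus the IPv4 addresses this host's name resolves to."""
    addrs = {"127.0.0.1"}
    try:
        for info in socket.getaddrinfo(socket.gethostname(), None, socket.AF_INET):
            addrs.add(info[4][0])
    except socket.gaierror:
        pass  # hostname does not resolve; loopback is still checked
    return sorted(addrs)


def port_is_open(addr, port, timeout=0.5):
    """True if a TCP connection to addr:port is accepted."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((addr, port)) == 0


def audit_sharing(addresses=None, ports=SHARING_PORTS):
    """Return a list of (address, port, service) still accepting connections."""
    findings = []
    for addr in addresses or local_addresses():
        for port, service in ports.items():
            if port_is_open(addr, port):
                findings.append((addr, port, service))
    return findings


if __name__ == "__main__":
    exposed = audit_sharing()
    for addr, port, service in exposed:
        print(f"STILL LISTENING: {addr}:{port} ({service})")
    if not exposed:
        print("No file-sharing ports are accepting connections on this machine.")
```

A clean result only shows that nothing on this machine accepts file-sharing connections on the addresses checked; it says nothing about other services that may be listening.
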
The above steps just clear up the obvious security entry points. You should definitely
look into installing appropriate security software on your computer to protect yourself
further. Check Yahoo for a list of firewall companies. Most of these solutions are overkill
for the home but I suspect that this is a good starting point into the new world of
personal firewalls. Also, make sure all of your passwords are long and consist of letters
and numbers, and try not to use words found in the dictionary as your password.
Finally, I will ask that service providers start acknowledging to their customers that
a security threat is possibly opened up every time you connect a computer to a fixed IP
address. Furthermore, they should help their customers protect themselves accordingly.
Please feel free to forward this column to your service provider in the hopes that they
will start to acknowledge the potential security threats they are helping to open into our
personal computers. As a member of the media, I would rather write about the positive
aspects of technology and thwart the negatives such as extensive cable modem and DSL
hacking before it even begins.
And on a related note: If you want to read an amazing book that will keep you on the
edge of your easy-chair and also help educate you about potential hacker attacks, please
check out The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage.
You can purchase it from Amazon.com.
Rich Tehrani welcomes comments at rtehrani@tmcnet.com.