Hackers come, hackers go: Don't get used to it!
It's an all-out attack by Chinese hackers!
OK, maybe it's not "all-out." But it's causing millions of dollars of damage.
OK, maybe not millions. But we should all be alarmed, right?
Well, maybe a little, but not much, according to Rob Clyde, of Symantec, one of the leading US software-protection and antivirus companies.
Mr. Clyde, who has been called "The Father of Intrusion Detection," says we need to be alert and to make sure our computer networks are properly protected. But we don't need to panic, in spite of what the mainstream media has been saying.
"Measured against what's happening, it's just background noise, with an interesting Chinese twist to the story because of the spy-plane incident," says Clyde.
When Clyde refers to "What's happening," he is talking about the 30 to 50 sites that are defaced by hackers every day, regardless of "hacker wars" with the Chinese. Clyde gets this statistic from attrition.org, a site that tracks site defacements. Last year there were about 6,000 defacements. Clyde says that number will probably exceed 8,000 this year.
"If the Chinese could spray paint 'The US stinks' on the White House, they would, but they can't," says Clyde. "It's the cyber-equivalent of spray painting a message on a government building that you're protesting. And in most cases, sites that are defaced are back up in an hour."
More serious, says Clyde, are Chinese threats of denial of service (DoS) attacks. These attacks can crash an entire computer network. Several US media outlets are reporting that there was a DoS attack launched against the nonclassified US Pacific Fleet network last week that succeeded in bringing it down for almost 12 hours.
Clyde won't come right out and say that he thinks the Chinese government is behind the attacks, but it probably knows what's going on.
"They have much tighter control over their telecommunications structure than we do. But who's to say that all the Chinese hackers are in China?
"When Israeli and Palestinian sites were being defaced, we found that many of the hacks were coming from the US," he says.
While the Chinese problem is "intriguing" to people at the moment, Clyde is more concerned about the overall problem of the number of businesses that are still unprotected against all types of intrusions by hackers.
"There are still many, many systems that are connected to the Internet that still have not put security in place, even now," says Clyde.
Symantec's website offers a service that allows people to check to see how secure their computers are. Of the people who used the service last year, 48 percent had no protection. And almost one-third of those actually had a virus in their computers.
Part of the problem that computer users now face is that it is much easier for "script kiddies," or nonexpert hackers, to put together programs that can cause real damage to a computer network. According to Clyde, there are more than 30,000 sites where hackers can find point-and-click hacker tools.
Most people and businesses, however, can protect themselves quite easily.
"First, use a firewall. Second, use antivirus software. You should use these things at both the first level of entry into your network, and on individual computers.
"Finally, use better passwords," Clyde says. "Probably 20 to 30 percent of all sites are easily hacked because they use obvious passwords."
Tom Regan is the associate editor of csmonitor.com, the electronic edition of The Christian Science Monitor. You can e-mail him at csmbandwidth@aol.com.
(c) Copyright 2001. The Christian Science Monitor
