January 30, 1995 in Nation/World

New Technique Used By Hackers Vexing Experts Security Packages For Internet Are Proving Easy To Overcome

Mike Mokrzycki Associated Press
 

Hackers have discovered a new way to “hijack” computer systems linked to the Internet, threatening security to millions of computers in the global network, authorities warned today.

Many systems that were thought to be protected by sophisticated hardware and software “firewalls” are now vulnerable to theft and eavesdropping, said an official at the government-financed Computer Emergency Response Team said.

“Even when you bought a security package for the Internet … there is no security” from the new type of attack, Tom Longstaff, manager of research and development at the CERT coordination center in Pittsburgh, said in a telephone interview this afternoon.

Intruders using the new technique can copy or destroy documents or do other damage by masquerading as an authorized user, CERT said in an advisory distributed this afternoon on the Internet.

“Once the attack is completed, it is difficult to detect,” the advisory said.

An unknown number of attacks already has been reported, Longstaff said.

The New York Times reported that the new type of hacking began on Christmas, when an unknown intruder or group broke into the computer of Tsutomu Shimomura, a computer security specialist at the San Diego Supercomputer Center.

The Times said the culprit or culprits controlled the computer for more than a day and electronically stole a large number of security programs.

About 20 million people use the global Internet, and in coming months it’s expected to continue growing rapidly as a medium for commerce.

Experts fear the new type of hacking could result in widespread theft of merchandise, credit-card numbers and digital “cash” unless businesses take better security precautions.

“Essentially everyone is vulnerable,” James Settle, a former FBI computer crime expert who is now an executive at the Inet Corp., a computer security firm, told the Times.

The intruders fool computers into believing that a message is coming from a trusted source, using a method known as Internet protocol spoofing. By posing as a familiar computer, an attacker can get access to protected computer resources and seize control of what was considered a well-guarded system.

Classified government computer systems are not thought to be at risk because they are not directly connected to the Internet, the Times said.

The Internet originally was created by academic researchers to share computer data easily around the world.

The advisory listed brands of computers that are vulnerable to Internet protocol spoofing and said some types of networks already include filters that should prevent the attacks. For other brands, a filter must be installed.

The solutions are difficult, Longstaff said. “Sometimes it’s hard to understand why you’re doing a solution, even for experts, which is what makes this particular problem so insidious.”

Get stories like this in a free daily email


Please keep it civil. Don't post comments that are obscene, defamatory, threatening, off-topic, an infringement of copyright or an invasion of privacy. Read our forum standards and community guidelines.

You must be logged in to post comments. Please log in here or click the comment box below for options.

comments powered by Disqus