Spoutin' Off: An unsecure computer is part of the problem

By Michael Rau

January 14, 2008


Back in about 1970 or 1971, I remember seeing a movie called “Colossus: The Forbin Project”. It was a low-key sort of film about computers achieving sentience and taking over the world. There have been several good flicks with similar themes since, but I remember this one in particular because it scared the bejeezus out of me.

That memory coalesced again this week as I read about a rather frightening development in cybersecurity threats that ought to have us all feeling a bit shaky.

Most security analysts have pointed to a cyberworm called “Storm” as being the most pernicious security threat over the last year. This worm apparently has some unique features in its code that make it particularly aggressive.

Once your computer is infected, the Storm worm turns it into a so-called “zombie”.

Such malware can then make your computer execute a number of predefined functions, such as pumping out spam in prodigious quantities.

In the case of Storm, it can apparently be used to instruct your system to perform a variety of predefined malicious tasks.

But what makes Storm particularly scary is this: Computers infected with Storm can be instructed to establish relationships with each other over the Internet, the result of which can be the creation of a huge online zombie network, referred to as a “netbot”.

According to a report in Forbes Magazine, a Finnish cybersecurity firm called F-Secure has been tracking the growth and utilization of a massive netbot involving hundreds of thousands of computers running the Storm worm.

They say evidence shows that the same servers in Russia that have been distributing the Storm worm are now being used to run a worldwide phishing scam, using fake Websites designed to gather information from customers of Barclays and Halifax, two very large British banking firms.

What makes this interesting is that the software being used to run the phishing scam is considerably less sophisticated than the worm used to install it. F-Secure says they believe this indicates that the creators of Storm are renting out their netbot to other criminals.

So we've established that this worm can be used to create a zombie network of computers that can be loaded with executable software designed to perform a variety of tasks.

Now consider this scenario:

Suppose this network of computers is loaded with sophisticated software programmed to carry out a series of advanced attacks on cybersystems that perform critical national security functions?

Perhaps you're skeptical that this can happen.

You'd be wrong. It's already happened many times.

If you were to scan news headlines over the past several years, you'd find a number of reports of security breaches in computer networks belonging to agencies such as the Department of Defense. Now granted, none of these have apparently been so bad that major damage has been done, but doesn't it seem reasonable that the threat is extreme? If hobbyist hackers can accomplish such breaches, doesn't it seem feasible that a sophisticated terrorist network could do worse?

In my opinion, it's important that you consider that question for two reasons.

The first is that you might be an enabler. The reason that hundreds of thousands of computers are a part of the Storm netbot is that those computers weren't properly secured to begin with, and haven't been properly maintained in terms of keeping them free of malware through regular systemic scrutiny.

Do you run anti-virus software? Are your virus definitions up to date? Do you scan your system regularly for malware? If not, you could be an enabler, and in the scenario previously described, could end up aiding and abetting a terrorist network in launching a cyberattack on a critical network.

Security analysts have been particularly concerned about Storm because it can apparently be spread through a variety of innovative methods, including attached PDFs, e-cards, and even YouTube invitations.

I don't know how to stress this strongly enough: If you spend time online, you need to exercise enough personal responsibility to secure your computer from infections like Storm. It's not easy, but it's not so hard that anyone has an excuse for not doing so.

The second reason we need to think about these threats is this:

We're in an election year, and in my opinion, our esteemed lawmakers have barely lifted a finger to help secure us from such threats.

I've pushed for years for stronger laws to deal with purveyors of malware, as well as more aggressive prosecution under existing statutes. So far, the government's attempt to exert any control over these creeps has been pitiful.

Will it take a full-fledged assault by cyberterrorists before anyone in law enforcement gets off their butt and does something?

You can make the difference by asking potential candidates for public office what they know about and where they stand on this issue.

Make sure anyone you vote for understands the threat and plans to take a stand in terms of going the extra mile to secure cyberspace.


Michael Rau is a mass-communications consultant in Virginia Beach. To send feedback or view past columns, go to http://dailypress.asoundidea.com.


Copyright © 2008, Daily Press