Forwarded From: Synthe Omicron <synthe@ronin.net>
# For ISN, taken from _BusinessWeek_, August 24-31, 1998, p. 34
# Transcribed by Synthe Omicron.
The Internet
============
NOW ANY HACK CAN BE A HACKER
A bit of free software is giving computer-security experts fits
---------------------------------------------------------------
Just when computer users are recovering from scare stories about security
holes in E-mail programs -- and suppliers are finishing fixes to plug them
-- here comes an even more worrisome problem. On Aug. 3, a hacker group
known as the Cult of the Dead Cow began distributing Back Orifice, a
program that can wreak havoc on PCs running Windows 95 and 98. Once
installed, the software makes it possible for an outsider to see what's on
the screen, read keystrokes (passwords, or credit-card numbers, for
example), and install or delete programs. So far, the group claims 50,000
copies of the free program have been downloaded from its Web site. "This
is a breathtaking tool," says Susan B. Levy Haskell, a computer security
manager at the University of Minnesota. "It's going to nail Corporate
America to the wall."
Worse, it's a breakthrough in easy-to-use hackware. Computer-security
experts say that the software is as simple to use as any Windows program
and turns the novice into an instant -- and potentially dangerous --
hacker. That raises concern that insider attacks, which already account
for some 70% of computer crimes, could become far more likely. "You've
just made a lot more people capable," says Patrick Taylor, director of
marketing for Atlanta-based Internet Security Systems Inc.
"SUBSTANTIAL DAMAGE."
What's behind this nefarious development? The Cult of the Dead Cow says
that it released Back Orifice to raise awareness about security problems
with Microsoft Corp. programs. "Back Orifice will force Microsoft to sit
up and take notice," says Deth Veggie, a member of the group who says his
real first name is Luke.
Microsoft is taking the program seriously. The software giant has 300
employees trying to secure all its software products and is working with
security companies to devise ways to detect the Back Orifice software. As
Edmund Muth, Microsoft's product manager for security, concedes: "This is
the kind of software that could produce very substantial damage to
someone's computer if it were installed."
And installing the software isn't so difficult. Computer security experts
say the program -- which is remarkable tiny -- can be hidden within an
attachment to an E-mail message. Once the unsuspecting recipient clicks on
that file, Back Orifice installs itself and can begin transmitting
information back to the sender.
Various security holes -- including the recently discovered problems with
E-mail programs from Netscape Communications, Microsoft, and Eudora -- can
also be used to sneak the software onto a machine. Experts say that
software patches released to fix bugs in the E-mail programs, for example,
will prevent hackers from exploiting the programs' flaws to install Back
Orifice. But, they warn, many companies are slow to incorporate software
fixes, while others ignore updates altogether. "How you get this installed
is actually quite easy," says Drew Williams, manager of the InfoSecurity
SWAT team for Axent Technologies Inc.
Computer-security companies are developing antidotes. the program can be
detected by scanning computers for a communications line that may be open
and sending data. Regardless, experts warn that it's dangerous to open
E-mail from people you don't know. "If I don't know what it is, I don't
open it," says Charles C. Palmer, manager of IBM's network security group.
For now, that may be the best safeguard.
By Ira Sager in New York
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
Received on Wed Aug 19 09:40:49 1998