Interesting People mailing list archives
INTERNET SECURITY BREACH -- it will happen again and again till it is important enough to fix it (li
From: David Farber <>
Date: Fri, 4 Feb 1994 14:15:00 -0500
From Washington Post (front page)
4 Feb 1994 Break-Ins Hit Huge Network of Computers Internet's Managers Act to Guard Security Tens of thousands of users of the Internet, the global computer communications network, last night were advised to change their security passwords following a rash of break-ins to Internet computers here and abroad. The federally funded Computer Emergency Response Team (CERT) issued the advisory, saying that thousands of passwords already have been collected illicitly by people using advanced surveillance software. The illegal collection may be continuing and accelerating, it said. Authorized users of the Internet must type in a supposedly secret password when they link their own computers to the network to send or receive information. anyone who discovers another person's password can enter the system as that person, gain access to their confidential files and destroy or alter them. The security breach raises the specter of larger ones in the future as technology permits a more advanced *information highway,: a high-speed channel for video, sound and text that the Clinton administration is promoting as a boon to the U.S. economy and society. *The highwaymen are taking over the highway,: said Eugene Spafford, a computer security specialist at Purdue University. CERT declined to give details of the incidents or to say where they had occurred. Neither would it comment on whether people had used the illicitly obtained passwords to destroy information or cause other damage. But it said it was sending out software that would strengthen Internet computers against such intrusion. An official at Rice University in Houston confirmed that that school had been hit. The operator of the campus's computer network began getting notice from other Internet systems of unusual events and cut off the university's network from Internet on the night of Jan 23. Investigators found intruding programs in several computers on the campus. To repaid the breach, they replaced more than 3,000 passwords, beefed up their computer security and repaired incidental damage. *We're keeping our fingers crossed in trying to get things up and running,: said Patrick Humphrey, a network operator at the university. the incident was first investigated by reporter David L. Wilson of the Chronicle of Higher Educations, a trade newspaper. It also has confirmed a similar event at Bard College in New York State. Computer security specialist Spafford said he had heard the number put at dozens in the last several months. The Internet serves an estimated 15 million people worldwide. It allows people to use their computers to exchange electronic mail, browse through distant electronic libraries and transfer pictures and sounds. Operators of Internet computers have been reporting scattered break-ins for several months, but the numbers had been viewed by many security experts as a routine hazard of running a network. Notable was Panix Public Access Network, a New York company that serves as a *gateway: to the Internet. computer security experts say the method of operation in the cases cited by CERT< the Internet's security overlord, is similar. All are aimed at large computers such as Panix's, which are wired to the Internet 24 hours a day. Individual users typically connect their home or office computers to the large one by telephone lines and through it gain access to the network at large. According to Vint Cerf, head of the Internet Society, a computer industry group, the CERT advice on new passwords does not apply to passwords that people use to dial up that *gateway: computers. It applies only to passwords used by people who, after making that first connection, then *reach out: across the network and sign on to a second machine. That second password travels across the Internet when the person types it in and is therefore vulnerable to interception. The password-collecting software exploits the same so-called *trap door: that a graduate student named Robert Morris used in 1989 to paralyze thousands of Internet computers. He sent out a so-called virus program that replicated itself and spread from machine to machine. In the recent incidents, unknown parties have transmitted to the target computer a so-called Trojan Horse program, called that because it is not what it appears to be. The program enters the computer on an apparently innocent errand. But in fact, it sits and monitors traffic passing through the machine. As people cross the Internet and *log on: to that computer, the program takes note of their names and passwords. It remains unclear who is behind the acts. But Spafford said that special software that can accomplish this has been written and apparently traded electronically among many people. The software is sophisticated enough to disable security features in the host machines that are supposed to sound an alarm when an intruder enters. Cerf predicted the incident would lead to new calls for security on the network. Simple passwords, he said, might be replaced with systems by which the password changes with each use.
Current thread:
- INTERNET SECURITY BREACH -- it will happen again and again till it is important enough to fix it (li David Farber (Feb 04)