The Cyberworld Contains Hacker Traps

May 24, 2002
Print
Text Size:
A A
GRAND RAPIDS — One of the nastiest things that can happen to a firm nowadays is to be … well … cyberused or cybersuborned.

It’s fairly common, in fact, to read of corporations or even occasionally of households whose servers or personal computers have been seized and used by third parties to perpetrate fraud or spread pornography via the Internet.

Well, techies have ways of dealing with some of these parties, and they cooperate with the FBI.

The victims of cyberattacks most frequently are firms or families with a constant Internet connection — which means a constant public presence on the net — and who thus are vulnerable 24/7 to prospective hackers.

And what gets so nasty is that the victims can be utterly unaware that criminals are using their hardware and software — until, that is, they start receiving e-mails from indignant readers or, sometimes, knocks on the door by law enforcement authorities.

Those victims’ lack of awareness, however, in no way absolves them from legal or civil liability for crimes or losses that parties unknown have wrought with their computer property. In fact, a corporation that has failed to exercise due diligence in protecting its computer network from intruders reportedly may be a tort lawyer’s dream.

In fact, insurers are beginning to key rates for negligence coverage to cybersecurity  — one of the reasons cybersecurity corporations have come into being.

Such firms only detect such attacks, but also obtain identification elements they can relay to the cybercops.

One of the techniques security firms employ is a software device called a honey pot. It’s a device that can turn the tables on would-be hackers.

A spokesman for Grand Rapids-based Internet Threat Management (ITM) Technology recently explained to the Business Journal how such a device works.

According to Rick Foote, computer security officer in the company’s branch in Arlington, N.J., a honey pot is a lure designed to attract hackers just as honey attracts flies — or, better yet, a Venus flytrap.

“It’s an Internet-attached server that acts as a decoy,” he said.

“It lures in potential hackers in order to study their activities and monitor how they are able to break into a system.”

He said that honey pots mimic systems that hackers would like to break into, but they limit the intruder’s access while giving the intruder no hint that he’s being monitored. An analogy in the physical world might be an infrared surveillance camera tracking a burglar in the darkness.

Foote explained that a honey pot is particularly alluring because it’s often installed within a firewall, deceiving the hacker into thinking he actually has gained access to the network that he has targeted.

He said that by luring a hacker into a system, a honey pot enables the system administrator to watch the hacker test the system’s vulnerabilities. The hacker in effect is teaching the administrator about the holes and the weak spots in a system’s barriers, so that they may be repaired or redesigned.

The hacker, meanwhile, also is revealing key things about his own cyberidentity, so that the security firm can hand off data that enable authorities can take the case from there.

The worlds of cyber crime and burglary of property seem startlingly similar.

Earlier this year, a marketing manager for ITM Technology — John Pritchett — told the Business Journal that cybercrime and cyberattacks happen in exactly the same way as physical crimes or attacks. 

“You get people casing the joint,” he said.

“In the physical world, someone will walk past your place and check it out. People will rattle the doors and test the windows and occasionally people get in and start causing trouble.”

In the cyberworld, he explained, criminals scan address after address on the Internet, probing to gain access. The act of scanning — of walking by and rattling the doors — is a remarkably easy process.

Pritchett said the most disturbing thing about a successful break-in “is less the damage they do to your property, but that they use your networks as a launch pad to attack somebody else. And you have no idea what’s going on unless bells start ringing.

“Our mission in life,” he said of ITM, “is to enable customers to have someone looking at their network all the time to see what’s going on — what kind of traffic is going across those networks and which of that activity is malicious.”

He said a firewall is akin to a deadbolt lock. “It’s a good device,” he said, “but it won’t keep somebody from coming though the windows.

“We’re like the ADTs of the physical world — we wire your windows and everything else.”

Pritchett said that like every other industry, cybersecurity firms offer their clients differing degrees of protection at varying costs. Buying and installing a detector might run less than $1,000, and the cost of monitoring might run $500 a month.

More sophisticated systems require more intensive monitoring.

Just as in the physical world, he said, monitoring can be a hectic process, recalling the vacationing family whose household motion detectors sound the alarm at police headquarters every time a mouse scurries along a baseboard.

“And there’s no such thing as true security,” he said. “There’s no such thing as being 100 percent secure. But we’ve seen that some people have their heads in the sand when they really should take steps to reduce their vulnerability to attack.

“If they don’t make the effort,” he added, “it’s a lawyer’s dream.”

ITM’s nationwide security and monitoring services, he added, generate a significant amount of data that the firm must store.

And where better than with this town’s Underground Secure Data Center Operations, a data center located in an inactive gypsum mine.

Recent Articles by Scott Payne

Editor's Picks

Comments powered by Disqus