Is there any connection between the burgeoning computer hacking and virus activity and September 11th and its aftermath? The answer to this is not so clear.
What is clear is that America's critical information-technology infrastructure is being attacked. Though no lives have been lost in this struggle, huge amounts of money are being wasted trying to ward off and recover from the onslaught.
In 2001 the rate of hacker attacks—attempts to gain unauthorized access to a computer system or its data—is more than double that of the previous year, according to the latest figures from CERT, the government-funded computer emergency group at Carnegie Mellon University.
The cost is particularly high for cleaning up after attacks from viruses and worms—malicious computer code often sent through e-mail that can, at worst, destroy all the data on a computer system. The worldwide cost reached $17.1 billion in 2000, a 41 percent increase over the previous year, according to Computer Economics, an information technology research firm.
EVERYONE'S AT RISK
Businesses can have the most to lose, but individuals are at risk too. Before last year, despite heavy Internet use, I rarely saw a virus. Lately I've been subjected to an average of one attack a week, all of which have been thwarted, thus far, by anti-virus software and my cautious handling of e-mail attachments.
Nobody has yet established a link between cybervandalism such as this and the terrorist attacks on the World Trade Center and Pentagon. There doesn't seem to be any significant change in malicious Internet activity related to September 11, says Marty Lindner of CERT. Recognizing the threat, however, President Bush has created of a government panel to look at ways to protect against cyberterrorism.
Circumstantial evidence indicates that many Internet attacks may be coming from abroad. A large percentage of the e-mail messages I've received with virus or worm attachments, for instance, appear to originate from those who have only a tenuous grasp, at best, of the English language. One infected e-mail message had a subject line that spelled "anthrax" as "antrax." But virus writers like this one are likely just piggybacking on the terrorist attacks. The warped get attention and a feeling of power by stirring hysteria this way.
It has also been shown that many hacks and viruses in the past have come from within the United States, so premature conclusions should be avoided. Xenophobia has its own negative effects.
Regardless of where Internet attacks originate, you need protection. One rule of thumb is to never open an e-mail attachment if you don't know the person it comes from, or if you're not expecting it from someone you do know. Viruses can trick you into thinking they're legitimate files sent by people you know.
The latest worms—worms are viruses that can spread without human involvement—don't even require you to open an e-mail attachment to do their dirty work. The recent Code Red and Nimda worms exploited vulnerabilities in Microsoft's server software. Microsoft Outlook is another frequent target.
If you're connected to the Internet, you need anti-virus software, and as protection against hackers you need a firewall, particularly if you have a cable or DSL modem or are part of a local area network.
The best regarded anti-virus program for some time has been Norton AntiVirus from Symantec (www.symantec.com). The company also makes an excellent firewall called Norton Personal Firewall and other security programs for individuals and businesses. But an even better firewall program for individuals is ZoneAlarm from Zone Labs (www.zonelabs.com).
Businesses sometimes need enhanced protection, and computer security consultants have been quick to respond to post-September 11 security fears. Businesses are expected to remain in business, despite short-term constraints on spending from recession concerns.
The worldwide market for information security services is projected to triple to $21 billion by 2005, an annual growth rate of 25 percent, according to a recent report from IDC, an information technology research firm. Much of the growth in spending is predicted to take place within small businesses and the financial services sector.
Whatever security approach you take, keep current by installing patches and upgrades as they become available. Also, prepare for data recovery if disaster does strike.
Finally, protect yourself from hoaxes as well. Vmyths.com (www.vmyths.com) is one of a number of sites that can prevent needless hair-pulling.
Reid Goldsborough is a syndicated columnist and author of the book Straight Talk About the Information Superhighway. He can be reached at email@example.com or http://members.home.net/reidgold.