Vendors and industry watchers that issue warnings about new viruses or impending denial-of-service and other attacks are often pilloried for going over the top. While there can be an element of "cry wolf" from some vendors, often the criticism is levelled because a predicted attack does not occur.
So the FBI, having seemingly done the world a great service by preventing what could have been a real disruption to global business, is all but powerless to bring the suspects to book.
Ian Melamed, chief technology officer, SatelliteSafe
Certainly this has been the case with the "zombie" denial-of-service attacks planned for execution late last year. In these attacks, a large number of servers had been compromised and they were seemingly being readied to beam vast amounts of bogus traffic at unsuspecting Web sites.
Then there was the dire pre-Christmas warning of viruses that could wreak havoc. That also didn`t happen, and companies were criticised for issuing warnings.
Because the attacks and viruses did not take place, many people believed the actual warnings were sensational in the extreme. Now it transpires the FBI had worked around the clock at year-end to prevent a co-ordinated Christmas and New Year`s Eve denial-of-service and virus attack. Seven juvenile hackers were under investigation for allegedly plotting a series of virus and widespread denial-of-service attacks. Three of the hackers were in the US and four based abroad.
The FBI, operating under the conviction that the hackers had been responsible for several similar attacks, performed pre-emptive search warrants in the period prior to the festive season to prevent the planned attacks.
Here`s the rub: it`s not only difficult to prosecute minors; it`s almost impossible to prosecute them for crimes that didn`t actually take place. US laws stipulate that damages of more than $5 000 must have accrued before a felony charge can be levelled.
So the FBI, having seemingly done the world a great service by preventing what could have been a real disruption to global business, is all but powerless to bring the suspects to book.
We do live on the edge in today`s e-centric world, don`t we?
* Melissa, the second most destructive virus of all time, after ILoveYou, is back, and this time it`s reached the world via an Apple Mac. It entered the world as a Macintosh-formatted Microsoft Office (what else?) document. Dubbed Melissa-X or Melissa 2001, it will reach you as an e-mail with the subject heading "Here is that document you asked for... don`t show anyone else ;-)". It entered the wild after an Office 2001 user saved a document infected with the virus as an Office 2001 file. It was sent to a Windows 97 user, who opened the infected e-mail and began the process of global distribution. The new Melissa can be spread via PC or Macintosh, but only Windows PCs will send mass e-mail copies. As always, be up to date with your virus definitions if you want to avoid infection.
* And now news of an Internet worm, compiled from widely available hacking tools, that has compromised any number of Red Hat Linux servers. The self-spreading Ramen worm uses two well-known Linux security flaws, and was created by Internet vandals, also known as script kiddies. It is low on the list of nasties: it has a big signature, and is easy to track and trace. It scans the Internet for Red Hat 6.2 or 7.0 servers and then attempts to gain access. If successful, it installs a root kit, patches the security holes and installs programs that replace common system functions, and replaces the main page on Web servers with an HTML file stating: "RameNCrew--Hackers looooooooooooove noodles." Than it sends an e-mail message to two Web-based accounts, boots up and starts scanning the Web again. Nuisance rather than problematic, but you have to ask: why go to all this trouble to leave such idiotic messages?
* Good news for a change. A new private vulnerability sharing organisation, IT-ISAC, has been formed under the leadership of Internet Security Systems (ISS) along with 19 other companies. This is not the first time sharing organisations have been formed, but they`ve not really worked to date. However, ISS leads the industry in discovering vulnerabilities. Part of its mandate is to keep vulnerability information from attackers, so it means they will have to keep information from the public also. It will be fun to see what the various privacy organisations have to say about this one!
(Sources: Newsbytes, HNN, Computergram, Silicon.com and CNet.)
Share
