I have noticed more and more reports in the news about how prolific Internet predators are. Here are a few of these stories.
Video about Match.com on CNN
http://www.cnn.com/video/#/video/tech/2007/07/25/chernoff.sex.predators.cnn
Articles about MySpace
http://www.pcworld.com/article/id,135051-c,webservices/article.html
http://news.yahoo.com/s/ap/20070725/ap_on_hi_te/myspace_security
By K Carson
I have personally been a victim of ID Theft. ID Theft is when a criminal assumes the identity of another person to avoid prosecution or to steal. Until this time, I was one of the people that thought it could not happen to me. After having to hire a lawyer and receiving hundreds of phone calls from creditors, I was able to clear it from my records. This does not include the hours spent searching the Internet for help. There is no way of knowing exactly where the thief’s retrieved my information. All the aggravation and feelings of being violated that come with the problem were the hardest things to deal with. My case was only a few thousand dollars; some cases have reached into the millions and can take decades to clear a persons credit records.
My parents were also victims of ID Theft. Their case lasted about 3 years and involved the FBI. They have spent over ten years clearing their credit and still to this day have things crop up on their credit report. They were one of 11 victims in this case. By the time the FBI was done tallying the damage, their case alone was close to 2 million dollars. In total the theft ring took in was over 10 million in cars, homes and cell phones. Malcolm Byrd’s ID theft case really drives home the point. It is so easy for a victim to understand the fear that Malcom feels when he says,” “I don’t feel safe now. When we drive I feel uncomfortable,” Malcom goes on to say. “It’s affected our lives enormously (Sullivan, 2003).” Malcolm was arrested when a drug dealer used his name.
During my searches of the Internet I found how easy it was to gain someone’s personal information. With only a last name, birth month, and day a thief can obtain drivers license and/or a social security number of his victim (De Smet, 2004). There is another site that can give a thief US Postal Money order numbers, Traveler check numbers, and more (Gallian, 2005). This is all an ID thief needs to ruin a person’s life by assuming their identity. Most web site’s ask a user for that little bit of information just to use tech support or sign up for other services. It only takes one hacker running a simple program to get the information a user sends.
It is not just electronic sources that are the only problem. Banks have been known to not shred records, leaving sensitive personal information exposed. Criminals wanting personal information will dig in bank trash bins looking for victims. A computer user can only do so much to protect themselves. People have to be able to rely on companies that ask for personal information to keep it safe, protecting it as if it were their own. If companies can not do this, they should stop asking for it.
The Internet is exploding in our society today, our lives depend more and more on computers and the Internet for daily life. People use computers to shop, communicate, and do worldwide business. Home computers and the Internet even allow some people to work from home and earn a living while taking care of the family. As the Internet grows, so do the security risks for home computer users.
Not long ago, Internet security was not a concern for most home PC users; an after thought at best for most home users. Today, computer users should take responsibility for their own personal information security. Internet service providers and software programmers can only do so much to help protect users. With the high rise of identity theft these days, computer users must take it upon themselves to secure their personal information. Sara Granger makes a good point when she says, “today simply having your Microsoft (R) Windows (TM) computer turned on is enough for it to get infected with the latest virus or worm (Granger 2003).”
After a major breach of security, Guidance chief executive officer John Colbert said, “Guidance's EnCase software is used by hundreds of security researchers and law enforcement agencies worldwide, including the U.S. Secret Service, the FBI and New York City police”(Krebs, 2005). Because of this break-in, Guidance no longer stores credit card information. Colbert also points out that this should be a signal that nobody is safe. If these companies are not safe, how can a home computer user even come close to being safe on the Internet? The answer is, there is no 100% sure way of keeping data safe.
The complacency and lack of knowledge of most home users only helps a hacker break into larger computer systems (Granger, 2003). Education is the key to help even the most novice user secure a home PC. With an over abundance of programs it is easy to get frustrated without knowledge of what programs are legitimate. It is too easy to download the wrong one and infect a PC. It is like playing Russian roulette with your personal information and computer. If a user is unsure of what they should use, it is always best to consult a professional at a local computer store.
Some of these, so called, Anti-Spyware, Anti-virus, and other help tools are just Trojan’s. Trojans are just what the name implies, programs that disguise themselves as a useful tool. In reality, it contains malicious code to help gain access to a computer or destroy files. These so-called companies will hook people into buying their software with a pop-up scare ad. This ad will usually warn a user that it found a virus on a user’s computer. The ad will state that by buying their program it will remove the virus or spyware. Do not believe them and do not panic buy. If a user sees a warning like this, the best action is to scan the computer with the anti-virus software already installed. If the anti-virus has not been updated recently, make sure to update it before any scan. If that shows no problems, ignore the pop-up warning.
Programmers need to test software for possible security holes and exploits thoroughly before they market the product (Evers, 2005). Not to imply they do not do it now, more time needs to be spent on this issue. This would raise the cost of the software and cause delays. The tradeoff being, that the software is thoroughly tested and secured.
Internet service providers or ISPs have recently barraged people with ads stating they will keep a user safe. ISPs have made some great strides in securing their networks and trying to offer a safer product. But, it is the user behind the keyboard that is in ultimately responsible. ISPs like programmers can only go so much to protect the end users. If users do not update anti-virus and anti-spyware they already have loaded, they may as well save the hard drive space and remove it. There is not an anti-virus or other software protection that is going to offer any security without being current (Metz, 2006). Many new exploits are found daily and a user’s protection cannot stop a virus or spyware if the program has no idea the virus or spyware exists.
ISP’s and programmer’s can not stop the “Cracker’s” (Hackers with malicious intent) and “Script Kiddies” (malicious amateur hacker). If these people want into a PC or network they will find a way. Most will not bother hacking a PC if they meet resistance in the form of a firewall or other added security in place. This is simply because there are so many computers that do not even use a basic firewall for protection allowing Hackers to gain access without trying. Computer users cannot rely on ISP’s, software companies, and/or governments to protect every end user’s PC and personal information. It is just too easy to steal in areas outside the control of these entities (appendix, graph 12). This is not a case where one entity or authority can control the flow of information. If it were, it would violate the constitution and freedom of speech. It is for these reasons users must take responsibility for securing their own information.
It used to be that dial-up connections were safer than high-speed “Always on” connections. This is just not the case any longer. Though a high-speed connection such as DSL, Cable, and ISDN are exploited most often, dial-up services are attacked. What makes a dial-up somewhat safer is just the simple fact that when you go off line it will close the connection, where as DSL or Cable remains connected. This means that a hacker can potentially have access to a PC 24 hours a day 7 days a week. This also allows for faster transfers of information the hacker is trying to steal. When a person adds a wireless router to a home network security risks increase.
Wireless networks are the easiest to penetrate even with the advancements in securing them. The average computer user will not know what WEP, WPA, and SSID are, let alone begin to know how to set these up. If someone is considering adding wireless to a home network they should take the time to learn about these few things that can help keep them safer. There is a practice called “War Driving” and it is not illegal. All that is required is a cheap antenna and a laptop with a wireless card. War Drivers go around looking for unsecured wireless networks, and there are many. They will either mark it on a map or put a chalk mark on the curb to make it easy to find again. They use these unsecured wireless networks to steal personal information or hijack your network for perpetrating attacks.
Now imagine if you will that you are the one saying, I don’t need to bother with Internet security. I don’t have any information hackers would want. You’re at home surfing the Internet. Suddenly there is a loud knock at the door. Opening the door you are met by 4 FBI agents. They state they have a warrant to seize your computer and arrest you for the distribution of child pornography. Because of the way wireless routers work this is a real possibility. The real shame is it would only take short time configuring the router and a free download of a software firewall to prevent it. A firewall is a must when connected to Broadband, DSL, or even dial-up. Those who use high speed Internet should also consider a Linksys, or other personal router between our PC’s and the Internet. If they are unsure how to do secure the router, they should call a professional in to do it for them.
Internet users are the ones on the front lines and it could be your freedom at stake. Take the time to talk to computer repair center you trust, or, a friend that has a good knowledge of computers. Ask them what they recommend to be safer when online. Most computer savvy people have their own cocktail of programs that they use. A good low cost solution is just keeping the Anti-virus program or suite a user run up to date. Some of these are PC-Cillin, AVG, Nortons, or McAffees. Add a software firewall like Zone Alarm or Black Ice. A user will also want to add spyware protection such as Spybot and Spyware Blaster. One other suggestion is to change from Internet Explorer to Firefox Browser.
Take the time to start curing this cancer of the Internet one computer at a time. The more secure a user makes his computer; the less likely they are of becoming a victim. It really only takes a few moments to secure a home PC, enough that most malicious computer hackers will just look for an easier target. A user’s best defense is knowledge and the update button. Take some time to review the survey in the appendix. The graphs show the highest risks in red and the lowest in green. Take a few moments to fill out the survey and compare the answers with the graphs. If you have more red than green in your responses, you could very well be a thief’s next victim.
References:
De Smet, Alan (2004) Driver's License Calculator: Michigan highprogrammer.com
Retrieved on April 15 2006 from www.highprogrammer.com/cgi-bin/uniqueid/dl_mi
Evers, Joris (February 04, 2005) Are You Responsible for Internet Security? IDG News Service Retrieved on March 15 2006 from
www.pcworld.com/resource/article/0,aid,119557,pg,1,RSS,RSS,00.asp
Gallian, Joseph A. (June 29, 2005) For All Practical Purposes Joseph A Gallian
Retrieved on April 15 2006 from http://www.d.umn.edu/~jgallian/fapp5/index.html
Granger, Sarah (11/19/2003) Home User Security: Your First Defense Securityfocus.com Retrieved on March 15 2006 from www.securityfocus.com/infocus/1746
Krebs, Brian (December 19, 2005) Hackers Break Into Computer-Security Firm's
Customer Database. washingtonpost.com Retrieved on March 15 2006 from www.washingtonpost.com/wp-dyn/content
Metz, Cade. (2006). The Sorry State of Security. PCmag.com Retrieved on March 15 2006 from www.pcmag.com/article2/0,1895,1916215,00.asp
Sullivan, Bob (March 9, 2003) The darkest side of ID theft MSNBC Interactive
Retrieved on April 19th 2006 from www.msnbc.msn.com/id/3078488
