Read the book OMG, Click here to get scammed! - George Grachis - Page 3
History of the Computer and Malware
This book would not be complete without a look at these important historical events:
1969 ARPANET, the world's first packet-switched computer network, is established on October 29 between nodes at Leonard Kleinrock's lab at UCLA. In 2006 it becomes the nation's largest university hack! (1)
1970 The Advanced Research Projects Agency (ARPA) launches ARPANET (which later becomes the Internet).
1971 Ray Tomlinson writes the first email program and uses it on ARPANET
1975 Bill Gates and Paul Allen form Microsoft.
1976 Stephen Wozniak, Steve Jobs, and Ron Wayne form Apple Computer as a hobby!
1981 Ian Murphy becomes the first hacker to be tried and convicted as a felon.
1983 ARPANET splits into government and civilian sectors; the civilian sector later becomes the present-day Internet. The film War Games popularizes hacking.
1984 The famous hacker group, Legion of Doom, is formed. Apple Computer launches the Macintosh, the first successful mouse-driven computer with a graphical user interface. They announce it via a $1.5 million commercial during the 1984 Super Bowl.
1987 IBM introduces the PS/2 with the VGA (Video Graphics Array) chip and a 3-inch floppy that stores 1.44 megabytes! (We now all have USB memory sticks we carry in our pockets and purses that hold at least 4 gig. That's 4 billion bytes.)
1988 Robert Morris, the son of a computer security expert for the NSA (National Security Agency), floods ARPANET with a worm. It caused problems for thousands of hosts linked to the network.
1990 The World Wide Web (WWW) is born when Tim Berners-Lee, a researcher at CERN, the high-energy physics laboratory in Geneva, develops HyperText Markup Language, or HTML. (This finally made web browsing and internet access easy for everyone.)
1991 Phil Zimmermann introduces Pretty Good Privacy. Pretty Good Privacy, or PGP, is an e-mail encryption program. It's the most widely adopted email encryption system in use today. (Encryption secures your data from would-be snoopers; see Appendix A for more about encryption.)
1992 Microsoft introduces Windows 3.1. It sells more than 1 million copies within the first two months of release. (Yes, I actually had this on my PC!)
1994 Netscape and Yahoo are founded. Netscape for its popular browser and Yahoo as an early search engine still in use today. (There was no Google yet!)
1995 Computer hacker Kevin Mitnick is arrested by the FBI.
1996 Google is first developed by Sergey Brin and Larry Page.
1997 Microsoft announces Windows 98.
1998 The CIH virus, also known as the Chernobyl virus, is created and begins infecting computers; it starts executing its payload one year later, on April 26, 1999.
1999 The Melissa virus begins infecting computers on March 26, 1999, spreads around the globe over e-mail within hours, and becomes one of the fastest-spreading viruses in history.
2000 Young Filipino students release the ILOVEYOU e-mail virus, which begins infecting computers and spreading over the Internet on May 5, 2000.
2001 The Code Red worm begins infecting Windows computers in July 2001 with the intention of performing a DDoS attack on the White House government web page. The worm is estimated to have caused $2 billion in damages and never succeeded in its attack.
2002 Jan de Wit aka OnTheFly is convicted May 1, 2002 for the Anna Kournikova virus.
2003 The Slammer worm is first released in January 2003 and becomes the fastest spreading worm in history after infecting hundreds of thousands of computers in less than three hours.
2004 The Mydoom computer virus, with 250,000 infected computers, begins a DoS attack on the SCO site on February 1.
2005 Jeffrey Parson, aka T33kid, is convicted January 1, 2005 for the Blaster computer worm.
2006 UCLA data compromise; over 800,000 student and staff records taken.
2007 The Apple iPhone jailbreaking method is introduced to the public on July 10; this allows hackers to modify the phone and its security settings. It also allows unsafe, non-Apple-approved applications to be installed.
2007 March 30th, hackers infiltrate TJ Maxx and steal over 45 million credit cards. Their wireless sales terminals were not using secure communications.
2008 The Conficker worm infects millions of computers worldwide. (This was a real data-stealing worm that infected millions of computers worldwide!) See Bot Nets in Appendix A.
2009 Microsoft releases Windows 7 on October 22. This is the most secure Microsoft operating system to date.
2009 China denies involvement in hacking the US power grid.
2009 The President's helicopter, Marine One: blueprints leaked via the LimeWire file-sharing network.
2010 Apple introduces the iPhone 4 on June 24, 2010, the world’s most powerful smartphone with internet access, the new frontier of hacking.
2010 Microsoft Announces IE9, its most secure browser yet. It protects users from bad websites and their malicious content!
Note that in the year 1998 the first innocent viruses begin to arrive. In 2001 the Code Red worm does $2 billion in damage by bringing down web sites, which is like turning off the power to any company. They were not stealing data at this point; they were disrupting online business activity. Finally, notice that in 2008 a mass worm called Conficker hits. It can be programmed to steal any type of data; it can look for and take bank accounts, SSNs (Social Security Numbers), credit cards and more. (http://www.microsoft.com/security/worms/conficker.aspx)
Conficker is a bot net. The term bot net comes from the word robot. A spammer or cyber criminal uses special software to automatically send out millions of emails via their bot net to lure users into taking the bait. Unsuspecting users click on web mail links, or they purchase fake products offered, and when they do, they unknowingly and unwillingly become part of the bot net. The cyber criminal's goal is to have millions of computers under his control. Then, besides collecting the users' data, bank logins, etc., he uses them to attack more users. Just how many emails can a spammer like this send out per day? Billions! But they often keep it much lower to try to avoid being detected. Cyber crooks even rent out the bot nets to other cyber criminals! That's right, they take over millions of systems and use them to steal others' data, intellectual property and credit cards, and then rent the hijacked systems out, including yours, so other bad guys can share the wealth!
All this technological growth and innovation was happening but it was being placed onto an insecure internet. Technology was simply growing by leaps and bounds and no one seemed to notice the mess we were about to get into. The internet kept growing and we just kept moving more and more onto it. As usual, public demand for technology drove corporations to produce it and make more of it available. We did not stop to look at the risk, or the long term headaches we were about to cause. We operated in silos and thought we had things under control. And why not? The money kept pouring into PC makers and the software companies.
Keep in mind that in the 1980s we were totally dependent on dial-up networks; high-speed cable or broadband, the always-on internet, was many years off. The 1980s are called "the war dialer era". Despite ARPANET, the majority of computers could only be accessed by discovering their individual dial-up phone lines. Thus, one of the most treasured prizes of the 1980s hacker was a list of phone numbers that tied to computers waiting to be discovered, or hacked, as was often the case.
So what happens next? As I mentioned earlier, I lived and worked in a technology career during these critical years. I was a Shuttle launch control computer tech. Later I went into launch control engineering. It wasn't until after 1992, when I was laid off from the Shuttle program due to the Challenger accident, that I started to see the battle against viruses really hit the corporate network. It was 1995 when I landed a job with the Space program once again. I was now a systems administrator deploying monthly antivirus updates. There were still no mass data-stealing viruses; they were mostly disruptive. They corrupted Microsoft Word templates.
Notice I just mentioned monthly antivirus updates. Did you know we now have computers set for automatic updates? They update almost daily and sometimes hourly! That's because the threat level has changed from those early nuisance viruses to the latest stealthy, password- and data-stealing viruses and worms. Let's pause a minute to briefly discuss a computer virus and a worm.
A virus needs a host, just like a real biological virus. Where a biological virus attaches to a cell, a PC virus attaches to a program or file. You open the program or file and, wham! It spreads.
Worms are a subclass of virus but are very dangerous because they can travel without any human interaction. They automatically copy themselves and spread across networks. They might even use your email address book to decide where they are going, all without asking you.
A Trojan horse masquerades as a legitimate piece of software. After installation you have a program that does things you did not expect. They often add a back door to your system, through which a cyber criminal can view and control your system. This is how they steal data, your credit card and your identity. This is where we are today, from the 1980s to now.
Worms and viruses gradually became more sophisticated. It went something like this: in the 1990s we continued to have basic intrusions and viruses. As we moved toward 1995 we still encountered viruses and malware, but it was mostly for recognition or fame. "Look at me! I'm famous! I wrote a virus that spread all over the world and it even made the evening news." Still, no one was using them for financial gain. It was not until the mid-2000s that everything changed. Suddenly mass malware was here and looking to take whatever it could for financial gain. No longer were people writing a virus or other piece of malware to get attention. It was quite the opposite. They used stealthy code that was designed to break in, steal data like a credit card or SSN, and then exit very quietly.
As I mentioned earlier, the 2006 UCLA compromise that took over 800,000 student and staff records went undetected for over a year. It was only by chance that someone in their IT department happened to notice that a lot of data was suddenly being pulled from their database out to the internet. An anomaly or a crime in progress? Why are so many records suddenly being pulled out to the internet, they had to ask? The FBI got involved, and the last I heard was that an application had a flaw and a foreign country exploited it.
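The UCLA case above was caught because someone noticed an unusual volume of data leaving the database. That observation can be turned into a routine check. The following is an added example written for this page, not code from the book or from UCLA: it baselines each host's daily outbound byte count from a set of constructed flow records and flags any host whose current-day egress is far above its own history. The host names, byte counts and thresholds are all assumptions chosen for illustration.

```python
"""
Egress-volume anomaly check (added example, not from the book).

Flags hosts whose outbound byte volume on a given day is far above that
host's own historical baseline: the kind of signal that revealed the
bulk record pull described in the UCLA story.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records, not real data: (day, host, bytes_out).
# "db-server" behaves normally for four days, then sends ~40x its usual volume.
SAMPLE_FLOWS = [
    ("day1", "db-server", 1_200_000),
    ("day2", "db-server", 1_100_000),
    ("day3", "db-server", 1_300_000),
    ("day4", "db-server", 1_250_000),
    ("day5", "db-server", 48_000_000),   # sudden bulk pull out to the internet
    ("day1", "web-server", 9_000_000),
    ("day2", "web-server", 9_500_000),
    ("day3", "web-server", 8_800_000),
    ("day4", "web-server", 9_100_000),
    ("day5", "web-server", 9_300_000),   # busy host, but within its normal range
]


def daily_egress(flows):
    """Sum outbound bytes per host per day -> {host: {day: bytes}}."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, host, nbytes in flows:
        totals[host][day] += nbytes
    return totals


def find_egress_anomalies(flows, current_day, ratio=5.0, zscore=3.0, min_days=2):
    """
    Return {host: (current_bytes, baseline_mean)} for every host whose egress on
    `current_day` exceeds BOTH `ratio` times its baseline mean AND
    baseline mean + `zscore` * baseline standard deviation.

    Requiring both conditions keeps a naturally busy host (large mean) and a
    noisy host (large std dev) from tripping the check on ordinary variation.
    Hosts with fewer than `min_days` of history are skipped: no baseline, no verdict.
    """
    totals = daily_egress(flows)
    anomalies = {}
    for host, per_day in totals.items():
        if current_day not in per_day:
            continue
        baseline = [b for d, b in per_day.items() if d != current_day]
        if len(baseline) < min_days:
            continue
        avg = mean(baseline)
        std = pstdev(baseline)
        current = per_day[current_day]
        if current > ratio * avg and current > avg + zscore * std:
            anomalies[host] = (current, avg)
    return anomalies


if __name__ == "__main__":
    for host, (cur, avg) in find_egress_anomalies(SAMPLE_FLOWS, "day5").items():
        print(f"ALERT {host}: {cur:,} bytes out today vs. baseline {avg:,.0f}")
```

In practice the per-day totals would come from firewall or NetFlow exports rather than an inline list, and the baseline window would be weeks rather than four days, but the logic is the same: compare each host to itself, and investigate when the database starts sending more than it ever has.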
We keep seeing this happen. In many cases it's a poorly configured application or web server. You can't just take a brick-and-mortar business worth millions of dollars, put it on the internet and, suddenly, have the world as your customers and no new problems. You might now have instant access to global customers, but you are also connected to all the bad guys in the world too. While your customer exposure went up, so did your risk of a data compromise. It's just simple math; before the internet, all businesses used snail mail and telephones. Now large corporations have everything potentially exposed to the entire planet, and it's 24x7 exposure! That is, unless they are very careful about how they architect their networks and manage risk.
They also need to be mindful about training all their users! I will say this over and over. I even made it our School District's security motto: "Users need to know that no matter what physical and technological devices are in place…ultimately, it is user knowledge and action that will achieve the utmost security for the District". I really believe this, and there is a lot of evidence to support it. I like to compare it to driving a car. You can place the best automotive technology on the road, including antilock brakes, SRS airbags and antiskid controls, which help a lot, but if the driver is ignorant about safety, under the influence of alcohol or drugs, or texting, then no technology will ever save them.
(1) Computerhistory.org