Hackers setting sights on home computers

WASHINGTON

Computer hackers, once satisfied to test their skills on large companies, are turning their sights on home computers that are faster, more powerful and less secure than ever before.

The hackers can steal your identity, destroy your data or use your computer to launch attacks on Web sites or your friends' PCs.

"Home machines weren't very interesting targets a few years ago," said Mikko Hypponen of antivirus company F-Secure in Finland. "That's all changed now."

Experts attribute the threat to several factors:

Many home computers are now as powerful as business computers, with enough memory and processing power to make them alluring staging areas for wide-scale Internet attacks that affect other computers.

A growing number are connected directly to the Internet through high-speed DSL and cable lines that remain open all the time. Computers that are left on around the clock are vulnerable.

Unlike businesses with permanent security staff, most home users are slow to secure their computers with the latest antivirus and firewall software and to plug security holes by downloading the necessary fixes from software makers such as Microsoft.

Many home users are unaware of Internet threats and are too willing to click on unsolicited e-mails that might be infected with malicious programs.

Andrew Bard, owner and operator of Computer 21 a computer sales and service company in Cape Girardeau said he's been called in to clean up problems caused by hackers.

With one customer the hacker broke into the computer and put all of his icons into a folder titled 'you have been hacked,' Bard said.

The customer was hooked up to a DSL connection.

At first, it seemed like a harmless prank, but the hacker had installed a program that sent information about Bard's customer, like credit card numbers, back to the criminal.

"Home users have generally been the least prepared to defend against attacks," Carnegie Mellon University's Computer Emergency Response Team Coordination Center warns. "In many cases, these machines are then used by intruders to launch attacks against other organizations."

Viruses and worms -- which are viruses that don't need human intervention to multiply -- make up a large part of the new threats to home computers. In the past year, users' computers have been infected with malicious programs with catchy names like Code Red, Nimda, SirCam, Anna Kournikova and others that could be spread through Internet e-mail or surfing.

Antivirus firm Message Labs reported that it detected one virus per 370 e-mails in 2001, double the rate of the previous year.

The potential damage from hackers is also growing.

Several years ago, virus writers were content to simply destroy data on a computer.

Now they can imbed malicious programs that spy on users or steal their identity, use personal computers to attack other systems and use your e-mail address book to unwittingly infect the computers of friends.

Computer crime in Cape

Cape Girardeau Police detective Cpl. Trevor Pulley strongly recommends installing firewalls on personal computers.

As one of the department's specialists in computer crime, Pulley has worked on several cases of identity theft and credit card fraud.

One case involved a victim in Texas and a suspect in Cape Girardeau. The Texas man's credit card had been accessed and used through his computer.

Vigilance on the part of computer owners would help cut down on some of the crimes, Pulley said. Updated antivirus programs, firewalls and protected passwords also help.

Programs can be purchased in stores or downloaded from some Internet sites.

"But nothing's 100 percent," said Bard.

Pulley agreed. "If a hacker really wants to get into your computed, he'll probably be able to do it," he said.

Even the most savvy users have been victimized.

An FBI cybercrime researcher's computer infected with the SirCam program sent out official documents that spread the virus -- to the bureau's embarrassment.

The federal government is trying to better educate and insulate home users, hoping it will slow the spread of Internet viruses or worms that could slow the entire Internet and its e-commerce.

The outbreak of the Code Red Internet worm last summer sparked an unprecedented show of force from government and private industry.

"We've never seen a virus before that would not affect end-user machines at all, it just jumped from one Web server to another," Hypponen said. "It really made Code Red more like a weapon than anything else."

Although home computers were not affected, the message government and private security experts want home users to take from that threat is that computer maintenance needs to become as routine as locking your house and car.

Home users need to routinely update their antivirus and Internet firewall software against the latest threats and check for software fixes that software makers provide for free.

"If you've got a system out on the Net and it's not patched, there's a very high degree of likelihood that literally in a matter of hours you'll be popped," warned Amit Yoran of computer security firm Riptech.

Vulnerable networks

New technologies will be at risk to hacking this year, Yoran cautioned. Wireless networking, which is now so cheap and easy to use that consumer models are growing popular, is especially vulnerable.

"The standard itself is insecure," Yoran said. In a large-scale test of urban wireless networks done by Riptech, experts couldn't find a corporate network they couldn't break into.

With more and faster computers on the horizon and no sign of hackers giving up their pursuits, home users will have to take security more seriously.

"They think if they don't have any secrets, they aren't a target," Hypponen said. "But it's not like that at all."

Staff writer Andrea L. Buchanan contributed to this report