The word "hacker" brings to mind vivid images of shadowy figures lurking in the glow of their computer screens, hoarding credit card numbers and long-distance accounts for their own personal gain. There is no single defining motive or characteristic of hackers - elusive individuals who have the ability to gain illegal access to computer systems. But one thing is certain: Hackers, viruses and other online security risks have placed the University under...

Electronic Attack

By Sam Stavis
Daily Staff Reporter

Actual computer hackers insist negative stereotypes about them are not always accurate.

"Many hackers hack because of the thrill of being able to get away with it - or to point out security flaws," said a University student and hacker, who asked to be identified as BadKarma. "Most hackers I know don't intend to cause harm, but there are bad apples in every bunch."

Another hacker, who wished to be identified as Asbestos, shared the same sentiment.

"A lot of people do it for the challenge," Asbestos said.

Some hackers and non-hackers alike said they blame the federal government for hackers' bad reputation, claiming that the government feels hackers pose a threat to society.

"The government portrays hackers as 'dark forces' because they don't want people to have too much privacy," said LSA senior Greg Hecht.

But even if most hackers have harmless intentions, it doesn't take very much skill to cause a lot of damage to a computer system, BadKarma said.

"Anyone can download a hacking program from the Internet and hack major universities with no expertise whatsoever," BadKarma said.

The availability of these programs results in hordes of amateur middle- and high school-aged hackers, but these novices aren't a serious threat, Asbestos said.

"The ones that are doing the real damage are college students that know (the programming language) C and Unix," Asbestos said.

There is no single defining motive or characteristic of a hacker. But one thing is certain - hackers, viruses and other forms of electronic attack pose a very real threat to the University community.

Hack attacks

The University's information systems experience hacks, or illegal entries, every day. Although computer experts make an effort to monitor and log illegal accesses, "I suspect that we have a lot more activity than we know about," said Virginia Rezmierski, ITD assistant to vice provost.

This sentiment is commonly shared throughout the computer industry. The Computer Incident Advisory Committee estimates that only one out of every 10 hacks is detected and reported.

When University departments take the time to log and monitor computer activity closely, Rezmierski added, they find many more illegal entries than they usually do.

Hackers pose several dangers to the University. The single greatest threat is password violation, where stolen passwords are used to access user accounts and resources.

A user password is considered vulnerable to hackers if it includes predictable information such as birthdays, addresses and names of family members and pets.

Passwords that include words found in any dictionary - in any language - can be easily cracked by hackers with common dictionary password programs. These crack devices use every word in a particular dictionary as a user's password until it finds the correct one.

Hackers may also attempt to gain access to user passwords by hacking into University computers. Once a hacker breaks in, any user that logs into that machine is at risk of revealing their password. This kind of password violation is "fairly common," Burns said.

If a user's password is discovered by a hacker, it can be used to gain access to the user's e-mail account and online data storage.

The hacker can then threaten or harass people under the guise of the user whose password was stolen. Also, important personal files can be deleted.

If the stolen password grants access to online University files, the University can suffer as much as the individual user.

In January, ITD found that a high percentage of University passwords were considered unsafe. As a precautionary measure, ITD officials alerted users who were at risk and tightened password standards.
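The kind of screening a tightened password standard implies can be sketched as follows. This is an added example, not code from the article or from ITD; it flags the three weaknesses described above: names, birthdays and dictionary words in any language. The wordlist, user profile, reason labels and function names are all constructed for illustration.

```python
import unicodedata

# Constructed sample wordlist. A real screen would load full dictionaries in
# several languages, since dictionary crackers try every word in each of them.
SAMPLE_WORDLIST = {"wolverine", "michigan", "password", "bonjour", "schmetterling"}

# Undo common substitutions (0->o, 1->l, 3->e, 4->a, 5->s, 7->t, @->a, $->s).
LEET = str.maketrans("013457@$", "oleastas")


def normalize(text):
    """Lowercase, strip accents, and reverse common character substitutions."""
    decomposed = unicodedata.normalize("NFKD", text.lower())
    plain = "".join(c for c in decomposed if not unicodedata.combining(c))
    return plain.translate(LEET)


def date_variants(iso_date):
    """Digit strings people commonly derive from a YYYY-MM-DD birthday."""
    y, m, d = iso_date.split("-")
    return {y, m + d, d + m, m + d + y[2:], d + m + y[2:], y + m + d, m + d + y}


def screen_password(candidate, names=(), birthdays=(), wordlist=SAMPLE_WORDLIST):
    """Return the reasons a candidate is predictable (empty list = none found)."""
    raw, norm = candidate.lower(), normalize(candidate)
    reasons = []
    # Names of the user, family members or pets, even with substitutions.
    if any(len(n) >= 3 and normalize(n) in norm for n in names):
        reasons.append("personal-name")
    # Birthday digits are matched on the raw text, before substitutions are undone.
    if any(v in raw for b in birthdays for v in date_variants(b)):
        reasons.append("birthday")
    # Any dictionary word embedded in the password, not only an exact match.
    if any(len(w) >= 4 and normalize(w) in norm for w in wordlist):
        reasons.append("dictionary-word")
    return reasons


if __name__ == "__main__":
    # Constructed user profile and candidate passwords.
    for pw in ("Wolverine98!", "P@ssw0rd", "MyR3x2020", "blue0314sky", "q7#Vz!m2Lx"):
        print(pw, screen_password(pw, names=["Rex"], birthdays=["1979-03-14"]))
```

Appending digits or swapping letters for symbols does not get a dictionary word past the screen, which is why such passwords fall to the cracking programs described above.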

Stolen passwords are only one way a hacker can damage the University's information technology. System intruders can cause direct harm to the University and users through software liability.

Once a hacker gains access to the University computer system, illegal software can be copied onto the computers without the University's knowledge.

If this software is found by a company that is losing money on the pirated product, "the University can get involved in six-figure settlements," Rezmierski said. These liability attacks are particularly malicious because the hacker does not stand to gain anything besides watching the University squirm.

Asbestos claims involvement in an elaborate hacking liability scheme that involved stealing University passwords and storing pirated software on users' IFS space.

"You turn it into one huge pirate site," Asbestos said. "It gets a lot of people in trouble and makes the U of M look really bad."

Although Asbestos never completed his plan, it drew much attention from both University and federal security groups.

"I think I had the FBI looking for me," Asbestos said.

Another common danger the University faces is a "denial of service" attack, in which a hacker will send huge amounts of data to a particular port on the Internet, resulting in mass congestion.

"They flood those access points to make them unusable to other people," Burns said.

This kind of attack affects all users trying to access the Internet or send e-mail through the University system. In some cases, users will experience delays. In others, they will not be able to get through to the Internet or send e-mail at all.

"It certainly happens," Burns said. "It has a real and direct impact on the University's ability to take care of its business."

This past Sunday and Monday, the University experienced a sporadic network outage, resulting in shutdowns of off-campus connections. Users were temporarily unable to access resources outside of the University network, and e-mail connections were also slowed.

The network shutdown appeared to be the result of a malicious denial of service attack, according to a statement released by Andrew Palms, information technology communications services product manager.

This incident was described by Jeff Ogden, associate director of the ITD merit network, as "the worst case we've experienced, ever."

"It's fairly easy for anybody to bombard us with traffic," Ogden said. "It's difficult to find loopholes that would cause the (network) to misbehave."

ITD is working in conjunction with several companies to track the person responsible for the attack, but the likelihood of identifying the hacker is slim, Ogden said.

"The better the hacker, the more difficult it is to trace," Ogden said. "It's national and international. Trying to find a particular individual is not easy."

Even if a hacker is identified and indicted for the alleged crime, cases are notoriously difficult to win because of their highly technical nature. Often, judges won't bother with them at all, Ogden said.

If a hacker is convicted, penalties vary widely depending on the crime committed; they range "anywhere from a slap on the wrist to a long, long jail sentence," BadKarma said.

Despite the horror stories, not all hacker activity is harmful.

"Sometimes, hackers come in (to the system) and just look around," Rezmierski said.

Hackers also "bounce through our system onto other machines," Rezmierski said, having no real effect on the University's system. But illegal access of any kind, for any reason, is still frowned upon.

"The bottom line is they are intruding," Rezmierski said.

Online plagues

The University network also faces a serious threat from computer viruses.

A computer virus is a program that overwrites, attaches itself to or replaces another program in order to copy itself without the knowledge of the user.

The first computer virus was identified in 1986. In the 12 years since its discovery, more than 20,000 unique computer viruses have been identified, although "only about 500 are active," said Bruce Burrell, head of the University Virus Buster team.

Viruses are spread from computer to computer in a number of ways. The most common is the exchange of floppy disks. Viruses can also be contracted through Internet FTP sites and bulletin board services. An infected computer on a network can quickly spread its virus to other computers on the network, which can pose a serious risk to the University's computing environment.

The first danger viruses pose to the University is "the fairly obvious threat to data," Burrell said.

In some cases, viruses are designed to directly attack a computer's data, destroying files and disks as soon as they are activated.

Other viruses are more insidious, corrupting data over long periods of time without the user noticing.

Some of these "slow" viruses have humorous effects, such as the "wazzu" virus, which affects the Microsoft Word program.

"The original virus would insert the word 'wazzu' into random places," Burrell said. "You can't fix it, except by human means. Over time, the document gets more and more corrupted. That sort of thing is not obvious, but it ends up being more pernicious."

The damage caused by viruses is not limited to lost or corrupted data. Fixing an infected network requires professionals and can be extremely costly and time-consuming.

"There's the damage for the effort to fix a large-scale problem," Burrell said. "One machine is no problem. A network requires a lot more time."

Viruses can also harm individuals on a more personal level.

"There's a threat to one's professional reputation," Burrell said. "If you e-mail someone with a virus, you end up looking like you don't know what you're doing."

The fear of viruses can also have psychological effects on naive computer users. When inexperienced users are ignorant of how viruses are contracted - and what their effects are - they can panic, causing unnecessary alarm. This fear can also prevent people from learning to use computers for more than e-mail and word processing, Burrell said.

The next generation of computer viruses, called "macro-viruses," is beginning to cause serious problems. First discovered in 1995, macro-viruses can infect any computer - Macintosh or PC - with specific versions of Microsoft Word.

"This is something that traditional viruses can't do," Burrell said.

Once a Word document is infected with a macro-virus, it can spread to the Microsoft Word template. If the template becomes infected, any document opened by Word on that computer is at risk.

A virus outbreak in Angell Hall in 1995 demonstrated how quickly a virus can spread at the University. Forty new PCs were installed, but because of their odd configurations, they did not have the University's standard virus protection.

"Within three weeks, more than half were infected," Burrell said.

This past spring break, the University, as well as many other schools and government agencies across the nation, experienced a "modified teardrop" virus attack, which Rezmierski described as "explicit, targeted and purposeful."

The attack, which was specific to Windows 95/NT machines, located these machines on the network and caused them to display the "blue screen of death."

Hundreds of computers across the nation were affected, and many agencies, including the FBI, are involved in the investigation to find the perpetrators.

Although the University has had several similar run-ins with viruses in the past few years, Burrell insists that there hasn't been anything too serious, due to the University's proactive anti-virus strategy. Since the late 1980s, an elite group of virus-busters has ensured the University network's security.

"We've been exceedingly fortunate," Burrell said.

E-mail pranksters

Another less damaging, but perhaps more time-consuming threat the University faces is the virus hoax.

If someone sends out a mass e-mail that fools hundreds of people into believing they may have a virus, University computer experts waste time investigating the alleged virus and trying to calm alarmed users.

"Anything that says 'Beware!' or 'Notify all your friends!' is almost definitely a hoax," Burrell said.

These e-mail pranksters, referred to by Burrell as talentless "weenies" on the bottom of the hacker food chain, pose no threat to data or passwords. But their jokes can be costly and time-consuming.

The CIAC estimates that it spends more time dealing with hoaxes than actual viruses.

04-10-98

©1998 The Michigan Daily