Dec. 29 (The Dallas Morning News/KRTBN)–While Y2K-wary Americans ring in the New Year with champagne and flashlights, computer hackers are set to celebrate with what security experts fear will be an unprecedented assault on computer systems across the globe.
The potential assault, as described by hackers and federal law enforcement officials, is likely to include cybermischief as elemental as website defacement or the planting of prank programs.
But far more destructive actions may take place as well. Security experts and hackers say those bent on crippling computer systems have the tools to copy sensitive data or to destroy sophisticated programs and essential information.
The attacks, if they occur, aren’t expected to affect consumers and their individual personal computers, so much as businesses and their computer networks, experts say. Still, average Americans could feel the effects if, say, their banks or internet service providers were targeted.
Even hackers are wary of the expected onslaught. “I don’t think there is any doubt on anyone’s mind that New Year’s Eve/Day is going to be a mesh of — computer system chaos,” said a hacker known only as “rain.forest.puppy” in an e-mail interview with The Dallas Morning News. The well-known hacker said the failure of corporate managers to understand how vulnerable most computer networks are has made potential disruption “a self-fulfilled prophecy.”
“What better time to creep into a network than amidst all the bustle? And the fact that Jan. 1 is a worldwide ‘landmark in time’ gives people a common motivation — to ring in the New Year,” the hacker said.
According to a variety of sources, the prospect of widespread hacking is made possible by the convergence of two relatively new developments: the ready availability of easy-to-use hacking tools, and the increased organization of computer intrusion.
The new hacking tools, capable of penetrating even highly secure networks, are spawning a new generation of “push-button kiddies,” hackers capable of doing serious damage without highly refined programming skills.
Hackers like rain.forest.puppy, who have invested years of effort and knowledge to decipher arcane programming language, are finding their complicated and innovative work reduced to “point-and-click” kits. Users need only download the kits, as they would a computer game, then choose the targets they wish to invade.
Moreover, recent monitoring of computer chat rooms frequented by young hackers suggests that political organizations hoping to capitalize on Y2K anxieties have been distributing the point-and-click kits, and recommending targets in an attempt to create the semblance of an organized worldwide assault.
“This is the equivalent of handing out cyber-submachine guns to young kids and telling them to take out their aggressions,” said Russell Fish, a Dallas-based computer security specialist. “This is like using a 14-year-old as a bag man in a drug deal. They don’t know what they’re doing, and the adults guiding them don’t care.”
Mr. Fish said he has been examining tools now available over the Internet. “These things are scary. Even without special knowledge, a very average hacker can target a sophisticated network and walk right through,” he said.
Chris Klaus, CEO of Internet Security Systems Inc., agrees. A number of recently published intrusion techniques make even large-scale, sophisticated networks — like those employed by government agencies, banks and large media companies — vulnerable, he said.
And the growing organization of hacking is something to be reckoned with, he added.
“Traditionally, hackers have been fiercely individual. But they are beginning to polymorph into fully blown organizations,” he said. “Some explore for the sake of exploring. But some are joining in for criminal purposes or political reasons. It’s the evolution of hacking.”
Last month, a hacker known as “ytcracker” defaced several websites operated by Texas state agencies. His exploits were displayed for verification on a hacker website, www.attrition.org.
Security specialists familiar with ytcracker’s vandalism said it was accomplished with surprisingly little expertise, using some of the widely available hacking tools.
Unrefined or not, ytcracker was able to penetrate and deface not only Texas government websites, but also some associated with the Defense Contract Audit Agency, Honda of Korea, the National Aeronautics and Space Administration and an early warning system operated by the North Atlantic Treaty Organization.
Because of the wide variety of tools available to hackers, experts say there is no way to predict the precise nature of a Y2K hacking threat. Many email-borne viruses and worms are well-known to systems administrators. But widespread system vulnerabilities, particularly those discovered in such widely used programs as BackOffice 2000 and Windows NT, have not been addressed properly by many users, even where program patches are available.
“Now throw into the mix all the ‘push button kiddies’ that can download the latest and greatest …” said the hacker known as rain.forest.puppy. “With very little resource including intelligence, they can find exposed systems and compromise them.”
Ironically, many of the hacking tools are available on websites maintained by Internet security firms. Packet Storm (packetstorm.securify.com), for instance, is operated by Kroll-O’Gara, Inc., a longstanding security firm with operations worldwide. The belief, one shared by many hackers, is that publishing security breaches helps create a more secure system.
Once hackers get past computer system security arrangements — so-called “firewalls” — they can install programs that allow them to manipulate or reprogram system files. Some programs allow hackers to designate themselves as “system administrators” capable of reading and manipulating many of a system’s most sensitive files.
“Since there are less people around during the holidays, there are fewer people who might detect the intrusion,” said Mr. Klaus. “And because of holiday vacations, there are also more hackers hack
One Dallas-based hacker, whose hacking handle is “REB,” demonstrated the efficiency of these programs. Using “macros,” or previously programmed files, he was able to breach a highly secure system within five minutes, then run a program which helped identify hundreds of unsecure machines.
“Yes, it’s easy,” said Jason Ottwell, a Dallas-based computer security consultant, when shown a computer log of the hacking. “I don’t think that most — computer system administrators appreciate the fact that this ‘insta-hacking’ can be done with such ease.”
Hacker tools are not only more widely accessible, according to security experts; they are also becoming more potent.
Mr. Klaus’ firm, for instance, recently warned its clients of a technique called “Tribe Flood Network,” which has the capability of jamming even high-traffic Internet connections with billions of repetitions of remotely controlled computer traffic signals called “pings.”
A ping is a coded electronic signal, like the ringing of a telephone, bounced by one remote computer off another to see whether the second computer is capable of answering. Using well-known computer intrusion techniques, vulnerable remote computers can be set to ping a single target over and over, Mr. Klaus said.
“It’s a familiar technique that when directed at a modem can shut down access,” said Mr. Klaus. “What is new is the ability to set up hundreds, even a thousand of these remote signals set to ping flood against the same client server, filling up the pipe” and jamming even high-traffic Internet connections.
Though they are predicting widespread intrusions, neither hackers nor security experts are predicting widespread damage to computer systems. Generally, they say, young hackers, particularly the “push-button kiddies,” are more interested in establishing access than in wrecking data.
“Kids don’t care about your data,” said the hacker, rain.forest.puppy. “Most likely they’ll deface your website, maybe use your system as a jumping-off point to other systems.” Only in unusual cases, he said, are they likely to destroy or misuse data.
“Many kids’ comprehension is beyond corporate espionage,” he said. “ ‘Precious data’ is not a part of the kids’ game. You think the kids realize they’re sitting on a … database of 30,000 credit card numbers?”
Mr. Ottwell agrees. He said he believes most hacked sites will be posted with political or personal messages, with little other damage.
The most serious hacking may occur in ways and places not yet imagined, he said.
“There is talk about government and military websites. There’s also banking and financial institutions and big media companies. A lot of these have apparently been mentioned.
“But the ones I really fear for, are the ones that are NOT being talked about.”
By Allen Pusey
(c) 1999, The Dallas Morning News. Distributed by Knight Ridder/Tribune Business News.