Computers, Viruses, Spyware, Root Kits … I wonder

This last year has perhaps been the most serious in the Computing Security Industry.
In April last year I ran into the first "zombie" computer (a computer that has been "captured" by a botnet as is now practically outside the owners control), it was being used as a spam robot. It had been invaded by a "root kit", and I could see how the creator of the malware could or was earning revenue by effectively selling bandwidth to a spammer. I chose to wipe the computer clean and not waste my time trying to find out the full hows and whys.

In October I ran across another, this was not being used to spam and I decided that as I had a few hours on hand I would remove it. It turned out to be a case of doing battle with the rootkit which was active and stymied all my usual tools. Fortunately I was able to boot with a Linux live cd and remove the files that appeared to be stopping my normal anti-malware tool from installing. In the process I analysed the files that had installed at the same time as those that were stopping me. Alas I found a collection of software that had turned the computer into a full blown FTP Server, in other words allowing outsiders to anonymously log in to the computer and collect any data they pleased from the computer.

I told my client to contact his bank, cancel any credit cards that he may have used and check his bank account carefully. I was certain that the main objective was stealing information. Three days later I was confronted with my third case, before even attempting to remove I told my client to phone her bank immediately. It transpired that there was already a credit card fraud.

Eventually Microsoft announced that they would provide a patch to the security hole in Internet Explorer that allowed the malicious code to execute simply by touching a website while browsing.

This month a year after my first case I have found a new variant that has obviously found a way around Microsoft's patch!

You might say what has all this to do with Economics?

Firstly the discovery told me that no company to claim to be secure, if they allowed their staff to browse the Web, unless the only access was to an "in-house proxy server". This in itself is no longer enough … if staff have laptops which they take home … unless the laptop has a thorough scan and analysis before it is allowed to connect to the internal network … there is no longer certainty that your network is secure! We might be able to guarantee the integrity of our staff. Can we ever guarantee the integrity of the robot that actually has control of the computer?

I am aware that credit card fraud through the Internet is on the rise. I am aware that many major companies trading on the Internet, maintain databases with all credit card details.The degree to which these companies can claim their data is totally secure is questionable. Banks are also not exempt from data theft. We have seen how badly the Government maintains the security of its data bases.

I was shocked to hear on the radio yesterday, that sufficient information is available from the Land Registry to effectively enable someone to fraudulently raise a mortgage bond on your property, about which you will know nothing until the mortgagor forecloses on the property. How many of the "toxic mortgage bonds" are fraudulent?

Leave a Reply