The New Vandal
By David L. Anderson
Cyber vandals are individuals who damage information infrastructures purely for their own enjoyment and pleasure. Their primary motivation is not financial; it is the desire to prove that the feat could be accomplished. Once inside, they leave their mark so there is no denying their presence. At first brush this may seem more of a prank than an attack aimed at destruction. The effect on business, however, is undeniable. These types of attacks fall into the category of DoS (Denial of Service) attacks. The affected site must be shut down and repaired before it can be returned to normal operation. The messages left behind vary in tone: sometimes racial, sometimes profane, and sometimes political. Whatever the message, the effect is always disruptive.
One of the terms used to describe traditional vandalism is "Graffiti." Webster's dictionary defines graffiti as "A drawing or inscription made on a wall in a public place." Graffiti has been with us since the beginning of history and its evidence can be seen in most of the explorations of the early cave dwellings. Early man painted the animals on which he depended for sustenance, his weapons of war and hunting as well as his everyday life. Graffiti can undeniably be referred to as a tool used for communicating.
The term vandal derives its roots from the early period between 406 and 572 when the Germanic barbarians completed their migrations into the West. As the Roman world collapsed, many Germanic tribes reached a peak of brief glory; others were destroyed in a series of little-known wars. To the Germanic people, this was considered to be the "heroic age" which was a time of adventure and great displays of power.
The Vandals were a Germanic tribe of Jutland (now in Denmark), who migrated to the valley of the Odra (Oder) River about the 5th century BC. During the 2nd and 3rd centuries AD they settled along the Danube River. This is approximately when they began their conquests over Rome. Today's usage of the word "vandal" reflects the dread and hostility the tribe precipitated in other people, especially the Romans, by their looting and pillaging of the many villages they conquered. (Source: http://campus.edu.history/webchron/westeurope/vandals.html)
Modern vandalism, while not evoking the same fear as the earlier namesake, evoked feelings of anger and frustration from residents, businesses and governmental agencies who seemed to have no answer to the endless displays of artistry. Steps were taken to counteract this growing phenomenon. Special paints were developed for subway trains and stations, making it easy to remove these unwanted symbols. This worked largely to eliminate the behavior in the subways, but above ground the tradition continued.
Community pride and awareness programs were undertaken in an effort to stop the practice in neighborhoods. While this approach achieved some level of success, it did not succeed in eliminating the practice that was used mostly by gangs as a means to communicate turf ownership and gang affiliations.
Vandalism is far more frightening in some of the other scenarios that we have seen over the years. Vandals break into churches, cemeteries and homes to express racial and ethnic hate. This type of behavior is more ominous because it carries with it a certain degree of violence.
Geography as well as social factors limit these types of vandalistic acts. They tend not to escalate as quickly as the acts of cyber vandals, who are not limited by geographic boundaries. The number of people who can commit these acts of vandalism is limited by their proximity to the sites, while cyber vandals can attack any site connected to the Internet.
The Internet age has spawned a new type of vandal, commonly referred to as cyber vandals. This medium has allowed the vandal to extend his/her reach beyond the boundaries of city, state and, indeed, continents. The cyber vandal can spread messages of hate way beyond the traditional boundaries. The impact now falls not on structures and buildings but on the business frontier, cyberspace.
The explosion of cyber vandals has had a profound impact on both government and industry. The focus thus far has been on the impact of vandals on industry so let's now consider the impact on government.
The attempt to exploit the relatively open character of the Internet to cripple targeted sites is an act of sabotage that can have no progressive merit. Moreover, it can only strengthen those commercial and government forces that want to clamp down on the World Wide Web and restrict the free flow of information and debate along this powerful international medium. These acts of cyber vandalism play directly into the hands of government agencies that have been pressing for increased police powers over the Internet. The FBI investigation will doubtless be used to test the ability of the state to monitor Internet traffic and pinpoint the origin of messages. The FBI has already begun examining the records of the target companies and their partners on the Web and collecting logs from Internet service providers that can show where transmissions originated.
FBI Director Louis Freeh has been pushing for Congress to grant the bureau greater power to make the nation's telephone and computer networks more accessible to wiretaps and other forms of surveillance. Last July, the Clinton administration circulated a plan for an extensive software system to monitor government computers and possibly those of private industry. The network, known as the Federal Intrusion Detection Network, or Fidnet, alarmed civil libertarians who said it could be used to curtail privacy on the Internet. The Justice Department was requesting an additional $37 million in next year's budget to fight the growing problem of computer crime.
These ideas will no doubt gain momentum and strength as the economy becomes affected by this and other forms of intrusion. So far, the disruptions appear to have had a somewhat limited effect on the stocks of the affected companies. They have, however, made investors nervous, and market analysts say the disruptions contributed to a selloff of Internet stocks.
The cyber vandal has also spawned a new niche for technology companies by allowing the area of data protection to become increasingly popular. The target market for these software companies is no longer limited exclusively to businesses, as the home computer market is now seen as another area that needs protection. As more and more people add broadband "always on" access to their home networks, it becomes increasingly important to protect the data that resides on the local machines. Listed below is an advertisement for a software company that seeks to cover this growing market.
IF YOU READ E-MAIL OR SURF THE WEB, YOUR COMPUTER IS WIDE-OPEN TO VANDALS
ESafe Protect Desktop keeps Internet Vandals at bay — without taking the fun out of the Internet. Java applets and ActiveX controls can load, but they're "quarantined" to a special area called a "sandbox". Isolated from the rest of your drive and data, they still run freely, but are watched carefully. The moment a Vandal shows its true intentions, it's stopped cold.
Vandals can easily be targeted to a particular company and unlike Viruses, they cause immediate damage. To make matters worse, the leading Anti-Virus packages in use today cannot detect Vandals. To reduce the risk, some network administrators have attempted to block Java and ActiveX completely. This quick fix is no longer viable because active technologies have become necessary for businesses to function and compete effectively.
Assuming you wish to maintain Internet connectivity, the critical security holes outlined above can only be solved through one comprehensive solution. That solution needs to be an efficient, secure, and pro-active method of blocking Vandals and Viruses at their point of entry - the Internet gateway.
The solution is to integrate Virus and Vandal protection into the Firewall itself with eSafe Protect Gateway from eSafe Technologies. (http://www.sosbestdefense.com/bd_vandals.html)
The following slide summarizes the major characteristics of the cyber vandal:
As stated earlier, ego, cause or damage motivates the cyber vandal. They are not concerned with financial gain; however, that does not mean the cyber vandal will not take monetary rewards if they are available. This type of threat is driven more by ego than financial reward. There is, however, an element of political sentiment that is sometimes present. As the following excerpts show, vandals sometimes deface sites to further their own political agenda.
The following examples show cyber vandals whose primary motivation is the challenge:
These examples show evidence of the five characteristics of the cyber vandal:
The motivation of ego or cause (Symantec)
Damage is obvious (Dept. of Justice)
May be orchestrated (E*Trade, ZDNet, Amazon, Yahoo)
May penetrate, hide and collect (Salgado credit card scam)
May use denial of service techniques (E*Trade, ZDNet, Amazon, Yahoo)
This has clearly become an issue that has to be dealt with before we can begin to experience the true meaning of e-commerce. The general public needs to be confident that doing business online does not mean risking all one's assets and/or anonymity. The FBI has formed a task force aimed at intrusion detection; however, they seek more control and access to information on the Internet. This seems to contradict the premise of what some believe the Internet represents. Business has placed great effort and investment in building a better mousetrap. This has led to a boom in the software security market. In the end I think the public will give up a little freedom in order to have some level of confidence that their transactions will be secure. It will take some time to get there and there will be more horror stories before it is all settled.