Most home computers, including yours, are vulnerable to attack

April 12, 2013 by Peter Reiher

North Korea recently launched a cyber attack on South Korean TV stations and banks. Iran carried out a cyber campaign against U.S. banking sites. The U.S. and Israel released malware that disabled Iranian nuclear centrifuges. Or did they?

There's no doubt someone did all these things, and there are reasons to believe that those suspected are responsible. But because of the way the Internet is designed and the poor general state of , it is extremely difficult to pinpoint an attack's origin. Attackers are far ahead of our ability to track them.

While a can't reduce a city to rubble in the way bombs can, it is certainly possible to damage a nation through cyberspace. Many that modern nations depend on - , military intelligence and - rely on computers and networks. One good way to discourage cyber mayhem is ensuring that anyone who perpetrates it suffers consequences, so being able to place blame properly is important.

But that's not so easy. Although it's often possible to determine which messages are part of an attack and even which specific machines sent the damaging message, that's not the same as identifying the person or nation that is the source of an attack. Attackers often use compromised machines that belong to ordinary users throughout the world.

A vast number of computers on the Internet have been compromised by attackers. Even estimating how many is hard, but it is at least in the hundreds of millions. You may have one sitting on your desk at home. A 2007 study suggested that one in four home computers is compromised.

These machines, scattered throughout the world, can be used to launch attacks from any country the chooses. The attack could even be launched exclusively from machines within the target country. In a series of attacks in during 2011, for example, the majority of the attacking machines were located within that country.

So, even when a cyber trail seems to lead back to a certain country, that evidence may mean nothing. Any form of action taken against the apparent source of the attack might be unjust and ineffective.

Part of the problem is the very nature of the Internet, which was designed to allow any user to easily reach out and touch any other user. But that touch can be a caress or a punch. Most machines on the Internet are susceptible to attack from the outside, and when it happens, there are usually few fingerprints to identify the source.

A complete solution is likely to be beyond our technical capabilities at this point, and the "fingerprint" problem makes it difficult to establish treaties mandating proper behavior in cyber warfare. But we should nevertheless seek ways of establishing better cooperation between nations, including protocols for handling known compromised machines.

Last year's joint work by groups in the U.S. and Russia to take down the Grum botnet, which was responsible for sending vast quantities of commercial spam to email addresses worldwide, is an example of the kind of international cooperation required. By jointly locating the computers and sub-networks used to issue commands to this botnet and disconnecting them from the Internet, groups in the U.S., Russia and other countries rendered it ineffective. Only cooperation between law enforcement agencies and computer network operators across borders makes such remedies possible.

If it were more difficult to compromise users' machines and harder to launch attacks against critical sites, opportunity and benefit would be reduced and the problem would be less serious. Perfectly securing a machine or network is very hard, but improving security significantly is relatively easy.

For example, a recent report from the Center for Strategic and International Studies discussed Australia's Defence Signals Directorate's approach of using four basic measures to improve computer security. By only running applications from an approved list of safe programs, by aggressively applying patches to those applications as they become available, by being equally aggressive in applying patches to the underlying operating system (such as Windows or Linux), and by limiting the number of users permitted to change vital system configuration values, the directorate demonstrated an 85% reduction in risk of compromise.

Such general improvement in the security of everyone's computers would not only help protect the computers of individual users, it would benefit the Internet as a whole and everyone who uses it.

Explore further: NASA computer servers vulnerable to attack: audit

More information: Peter Reiher, an adjunct professor of computer science at the UCLA Henry Samueli School of Engineering and Applied Science for more than 20 years, has done extensive research on denial-of-service attacks and other Internet security issues. He wrote this for the Los Angeles Times.

Related Stories

Cyber attack on Seoul's Unification Ministry

August 9, 2011

The South Korean ministry which handles relations with North Korea has been targeted by hackers in the latest of a series of online attacks on government and corporate websites, an official said Tuesday.

Answers to your questions about massive cyberattack

March 29, 2013

Here are some answers to questions about perhaps the biggest cyberattack ever, which recently targeted Spamhaus, an anti-spam group based in Geneva and London. It ended up slowing down or blocking access to numerous Internet ...

New cyber attack on Japan parliament

November 2, 2011

Japan's parliament has come under cyber attack again, apparently from the same emails linked to a China-based server that have already hit several lawmakers' computers, an official said Wednesday.

Cyber criminals cloak their tracks

February 13, 2008

The 2007 X-Force Security report from IBM finds a disturbing rise in the sophistication of attacks by criminals on Web browsers worldwide. According to IBM, by attacking the browsers of computer users, cyber criminals are ...

South Korea to open cyber warfare school

June 29, 2011

South Korea's military will create a cyber warfare school to help combat growing Internet attacks from North Korea, an official said Wednesday.

Recommended for you

Cryptocurrency rivals snap at Bitcoin's heels

January 14, 2018

Bitcoin may be the most famous cryptocurrency but, despite a dizzying rise, it's not the most lucrative one and far from alone in a universe that counts 1,400 rivals, and counting.

Top takeaways from Consumers Electronics Show

January 13, 2018

The 2018 Consumer Electronics Show, which concluded Friday in Las Vegas, drew some 4,000 exhibitors from dozens of countries and more than 170,000 attendees, showcased some of the latest from the technology world.

Finnish firm detects new Intel security flaw

January 12, 2018

A new security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said on Friday.

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Apr 13, 2013
North Korea appears to be run by a whining, incompetent child.

It's almost as comical as watching Conservative American presidents like Reagan and Bush run their country into the ground.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.