• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

Hidden Risks in Clicking on Free Music

Posted on: Tuesday, 4 October 2005, 15:00 CDT

By HUME, Tim

Cyber-thugs slip though lax security MANY HOME computer users hooked on free music and movie downloads are compromising their internet security and unwittingly sharing personal information with online thieves and perverts.

Malicious internet programs which enable hackers to record every keystroke, rummage through personal information and even activate the web cameras of their oblivious targets are causing problems for Kiwis with lax computer security and they may not even realise it.

The Internet Safety Group has heard of one case of a man spying on a woman by activating her webcam through a "trojan" a hidden programme imported in downloaded material, which hands over control of a computer to a remote user.

Some users have had their banking passwords recorded by key- logging devices, and others have had invisible "diallers" installed which call expensive foreign numbers in the middle of the night, incurring large telephone bills.

Computer experts say these opportunistic attacks can mostly be kept out by routine security measures regularly updating firewalls and anti-virus software, scanning for spyware and using strong passwords.

Yet many home computer users are lax in their approach, and some even disable security measures to speed up their computers while filesharing or browsing the net.

Auckland nurse Jane Bebbington disabled her computer's virus checker to speed up her machine while surfing the internet for hostels before a five-week European holiday.

She returned from the holiday to find a phone bill for $168 covering the fortnight before she left, and facing hundreds of dollars more in charges for the five weeks she was away.

A dialler installed on her computer during three unprotected internet sessions, had called numbers in Cuba and England at midnight and 5am daily since she downloaded it, even though the computer was switched off.

"I had a fit when I saw it," she said. "It was just stupid of me to take the virus checker off."

Telecom cancelled the charges as it was the first time she had had problems. Her computer technician found three trojans, including a key- logger, and 138 pieces of spyware on her computer.

"I was incredibly lucky as I normally do my banking online," said Bebbington, who now updates her security every two days.

The Internet Safety Group is starting a survey today of public security habits and a campaign urging people to get a "warrant of fitness" for their home computers.

"What we're saying is `This is the basic minimum we all must do to keep our information safe online'," said director Liz Butterfield.

"It's not that hard, it's not that expensive, but it is crucial that we do it and do it now."

Butterfield said it took only 12 to 14 minutes for a computer using broadband without a firewall to be compromised, giving hackers access to a wealth of personal information.

Users of affected computers would often notice their machine slowing down, random numbers being dialled, new icons appearing or programs locking.

IBM security practice leader John Martin said spyware was also being used to take over computers and use their bandwidth for cyber attacks.

Filesharing could be done securely, or if firewall parameters were correctly set, but many home users lacked the knowledge needed to make these determinations.

Peer-to-peer file-sharing programs often asked users to disable their firewalls to speed up their download, and less-savvy users would often do so.

"It can be inherently a risky thing if you don't know what you're doing," Martin said.

He had come across one filesharing computer with 700 infected files.

Source: Sunday Star - Times; Wellington, New Zealand

More News in this Category