Motives, methods of hackers are changing
- By William Jackson
- Mar 25, 2004
A Homeland Security Department official this morning defended the administration against criticism that there is now no White House-level office of cybersecurity.
Presidential cybersecurity adviser positions were eliminated last year after the February release of the National Strategy to Secure Cyberspace.
"Our answer to that is, that office produced the strategy," said Lawrence Hale, deputy director of the U.S. Computer Emergency Readiness Team at DHS. "When it comes time to implement the strategy, that is more appropriately done in the departments."
Hale, speaking at the FOSE trade show in Washington, described a second generation of malicious code now threatening Internet-connected computers.
"The trend now is to take advantage of other hackers' back doors," he said. When a new worm takes over an already-compromised machine, it patches the original vulnerability, making the computer available only to the new "owner."
"Profit is the motive," Hale said. "They are turning your machines into mail servers. They are being used to spam. They are being used as Web servers to host pornography sites. There is big money in spam."
Tom Reddington, director of Bell Labs' Internet Research Lab, said new "improved" types of malicious code are on the horizon, such as polymorphic viruses that can morph to evade signature-based defenses.
"This hasn't been seen yet," he said. But, "we think it's going to be a lot worse than it is now."
Reddington said security requires attention to the complete IT infrastructure, not merely components. Toward that end, the lab researches protocol security, malicious code, network mapping and software vulnerabilities. He proposed a new type of security device for network protection, a hardware-based router shield with very high-speed packet processing.
"We believe we can do this," he said.
William Jackson is a Maryland-based freelance writer.