
CERT vs. Net Mafia?



NEWSWEEK, February 21, 1994, p.73

Technology: How to fight crime on the Internet

A SWAT Team in Cyberspace

Joshua Cooper Ramo

The first hint of trouble came at 3 a.m. one night last December.  A
panicky New York computer bulletin board operator called the Computer
Emergency Response Team center at Carnegie Mellon University in
Pittsburgh to report discovering an unauthorized program that could
surreptitiously record users' secret passwords.  CERT is the SWAT team
of the electronic frontier; the call sent these cybercops scrambling
to their keyboards to try and figure out who was behind the break-in --
and whether it had spread.  "It's like finding rats in your
apartment," says CERT manager Dain Gary.  "When you see one, there are
probably a hundred.  In this case, there are probably 10,000."

The New York bulletin board is hooked up to the Internet, an
international web of computers that links 20 million users.  If one
system is compromised, many more are vulnerable.  The December break-in
turned out to be the first of hundreds of similar reports: earlier
this month Gary's team concluded there was an organized effort to
infiltrate the Internet.  Although the culprits were still loose and
their motives were unclear last week, CERT's detective work has won
the team respect and new attention on the net.  A typical Internet
message: "It's nice to know that somebody out there is helping keep us
techno-peons in the loop."

Created by the Defense Department five years ago after the last
widespread Internet break-in, the CERT team operates out of a sleek
granite building.  CERT has no legal power to arrest or prosecute;
instead, the team of about 15 programmers pokes through violated
systems using their only weapons: dozens of computers.  Like the
hackers they track, CERT team members often work round the clock,
subsisting on takeout Chinese food.  Gary, 52, CERT's manager, is a
decorated army attack-helicopter pilot and an expert in computer
security.  Hackers are "the adversary," he says.  "We try to help the
victim" by posting warnings of "holes" -- vulnerabilities -- and fixes
on the net.  "But as the net grows, the incidents are climbing," he
says.  "The motives are changing."

Net Mafia? Ten years ago hackers were usually youthful pranksters,
mostly interested in demonstrating technical ingenuity.  Now there's a
growing feeling that more sinister forces may be loose, perhaps a kind
of net mafia intent on outright theft through use of credit-card
numbers or other data.

Last year CERT responded to almost 1,500 calls, a 75 percent increase
from 1992's.  CERT won't disclose its budget, but clearly a lot of
help comes from volunteers interested in preserving the integrity of
the net.  Particularly complicated security breaches are farmed out
around the country to an unofficial brain trust of specialists in
specific operating systems.  The rest of the detective work is on line
in Pittsburgh.  Rich Pethia, 47, CERT's coordinator, has spent 25
years working on the net; he says his job gets tougher every year.
The team must deal with increasingly sophisticated hackers and
criticism from netters who think that providing hole data is like
giving cybercrooks keys to computers.

Unfortunately, finding holes is often easier than fixing them.  CERT
still doesn't have a long-term solution to the current break-in
problem.  Last week, in response to the CERT alarm, network operators
around the world booted and rebooted their systems, looking for signs
of trouble.  Back in Pittsburgh, the CERT team members were hunched
over their keyboards, ready for the next call.