When a computer is connected to a network to download the latest security patches for the first time, it is truly a sheep among the wolves. Recently I wrote about this, and now CERT has taken the time to publish guidelines for new computer owners. After all, as they point out, the time for an unprotected computer to be compromised is measured in minutes on many networks.
Many probably do not make the correlation between home computers and UCE/SPAM, DDOS and Trojan Horses. Unfortunately, unprotected home computers directly result in an increase in activity in all three categories. The easiest way to bring sense to this issue is to describe real examples of the problems. It will make it clear that we truly face a battle of the clones, to use the Star Wars euphemism.
Yesterday a coworker received a piece of SPAM email. It happened to contain nothing but a 404 error message. Why? The compromised machine that sent the SPAM was a home PC that downloads the SPAM message from a server controlled by the spammer. The website went offline, resulting in (likely) millions of 404 messages being emailed to end-users. Comical and annoying, but it is the result of an unprotected home machine.
To successfully distribute a denial of service attack, you need MANY machines: hundreds or thousands for even a respectable assault. This is easily done if you can build a network of computers – drones so to speak – that are awaiting your every command. The moment you say go, certain death is to follow! Dramatic but truthful, and it is the result of unprotected home machines.
Trojan Horses are an obscure category because few really understand the nature of a Trojan Horse. Truthfully, DDOS attacks are one example, but here I refer to the cleverer of parasites: the ones with a specific goal in mind. By targeting attacks at home users involving a specific company or government entity, you can be guaranteed that many of the home users involved with your target will receive your message. After enough time has passed, you can compromise enough home PCs that you will gain vital information about how your target works, including possible VPN keys, passwords, usernames or confidential information about their operations. It is dangerous and hardly trivial, but very possible as a result of unprotected home machines.
Here exists a significant responsibility on the part of home users. If the only way to catch a bank robber was by identifying their get-away vehicle, many people would see their cars being stolen and used to commit robberies. This is part and parcel of the nature of computer crime in our world. Like learning “netiquette” designed to teach people to be good net citizens, we also have a responsibility to be secure net citizens: to lock our virtual locks and fasten our virtual windows before we inadvertently help our crafty opponents.