In ancient times the hammer of the gods referred to a Viking named Thor. Today it can take on a different meaning. Hackers are named according to their skill levels, being called gurus and gods. Today’s hammer of the gods is the end user. The end user is one of the best resources that a hacker has. Today’s worms depend on the unskilled and uneducated end user to perform distributed denial of service attacks. The U.S. government saw this, as I discussed in an earlier chapter referring to the Code Red worm that performed a distributed denial of service attack on the White House. Since that time CERT, the United States Computer Emergency Readiness Team, was developed. Using the Carnegie Mellon Software Engineering Institute as a base, they began to publish documents to make the public aware of security issues and threats. The CERT team has done well at this, and I would suggest viewing their webpage called Information for New and Home Users, located at http://www.cert.org/homeusers/, to anyone who is unfamiliar with or new to computer technology. The CERT team has done an excellent job on that page, bringing the whole issue down to layman’s terms that are easy for newer users to understand.
Why end users do not secure themselves is an issue that must be explored extensively and researched if any lasting solution to the dilemma of security is to be found. End users represent all those who are at the bottom of the infrastructure, whether they be home users or those at the bottom of the corporate infrastructure, such as secretaries and the like. Since I have acquired many skills from years of experience with computers and the Internet, I have developed many acquaintances and relationships with people online and offline. It is not unusual for my phone to ring many times a day with people asking me to help them with problems they encounter. I get calls locally and from overseas. I have been referred to public officials such as mayors to fix security dilemmas that they have encountered. I don’t know everything, but I can humbly say that I have a good solid base of experience from spending most of my free time in front of a computer screen writing programs and scripts and researching security. I have dealt with many end users. Some seem to respond well to my suggestions for securing their machines, yet many nodded their heads and didn’t take them, only to call me back time and time again after they were hacked or became infected with a worm or virus.
Tim is one such individual. Tim lives in California. He is not unintelligent but educated; he works in the field of nuclear medicine and has college degrees. Time and time again I told Tim about firewalls, keeping antivirus software up to date, and other things to help him secure his computer. He was one who nodded yes in agreement but did not perform the actions I suggested. Tim had much confidential data on his computer, such as medical records. In July of 2004 I got a call about him. His ISP had cancelled him. Tim uses a dial-up connection, which is slow compared to the high-speed cable we have today. On his dial-up connection he was infected with a worm that had used his computer to send out 3,000 emails in a matter of a week or two. For this reason his service provider disconnected him and cancelled his subscription. Those emails more than likely contained the same worm that Tim was infected with, and those who opened the emails and viewed whatever attachment they contained became infected also, and the cycle went on. This is but one of many stories I could tell of users who call me who are just like Tim. An ounce of prevention is worth a pound of cure in this field. It would have been easier for Tim to secure his system than to lose his subscription, make confidential data available to hackers, and end up formatting his hard drive and going through endless hours of downloading software patches and updates on dial-up, which is what he ended up doing. Further conversations with Tim revealed why he did not secure his system. He understood the concepts but did not understand exactly how to apply them technically. Tim was educated and possessed an amount of pride that would not allow him to call me back and just say, “How do I do it?” This may be a reason many end users are insecure: their pride may keep them from asking for help when they do not understand something. They somehow feel they have some standard to live up to that will not allow them to humbly ask for help.
Other users I have encountered get into trouble and do not ask for help because they acquired their problem from doing things either immoral or illegal. Such is the case of a company executive or political official who has been browsing pornography sites or has attempted to steal software, and has gotten malware from illegal downloads or from pornography sites, which are renowned for their tendency to put malware on machines. These people are also hesitant to ask for help, and many will only do so in extreme cases of desperation. Perhaps this is why people refer me instead of CompUSA or other repair shops: I have a reputation for fixing things without divulging personal information.
There are other reasons as well that people don’t secure themselves. In today’s fast-paced society, which puts many demands on people, time itself is a factor. It is a large one that must be considered. Many end users are home users who live life on a very tight schedule. Even though some of these may have a desire to learn about security and become secure, the daily demands of their lifestyle do not permit it. Many people are not Internet savvy because they simply don’t have the time to become so. New people buy computers daily, connect to the Internet, and spend a small amount of time using it to read or send email, browse, or shop. Their time on the net is limited and they don’t see the need to secure themselves until they encounter problems, and even then time does not permit many to take sufficient measures, so they remain insecure. The single working mother or father, or the hurried entrepreneur, falls into this category. The solution for this category may be to develop software that makes updates mandatory in order to continue to use a computer: software that gives the end user no choice about whether to update and that requires a firewall.
Inconvenience is another factor that comes into play in this scenario. In a day when convenience stores prosper and fast food chains make money, it is not difficult to see how we have become spoiled by convenience. I recall a man named Roy who called me about a year ago. Roy’s computer had been taken control of by hackers. One day Roy told me that someone else was moving the mouse pointer on his computer. Roy watched as this person took control of his machine and was powerless to stop it. I formatted Roy’s machine, reinstalled Windows, and did all his updates. I installed an antivirus and showed him how to update it. I installed a firewall and showed him how to use it. Three weeks later Roy’s computer was broken into again. His Internet service provider had dropped him for emailing pornography to people he had never heard of. Roy called me asking what he should do. I asked him some questions and came to discover that he didn’t like having to click yes or no when the firewall asked him if he wanted to allow programs to call in or out of his computer. He had also disabled the antivirus, saying it slowed him down. Roy’s main alibi for disabling his security software was the lack of convenience. Basically he was too lazy to click a pop-up window and take control of his permissions. He was also impatient and wanted fast service. For these actions he paid the price of having to explain to his ISP and his wife why there was so much pornography on his machine. People like Roy represent a portion of end users who do not implement security because of inconvenience.
Ignorance, or a lack of education or proper training, is a factor that needs to be addressed concerning the end user and the security dilemma. New users buy computers and hook up to the net daily. Unfortunately, computers don’t come shipped from the manufacturer secure. New users have no idea how to secure them, or even that they have to. Computers may come shipped with antivirus software, but the new user does not know how to use it or update it. I know of none that come shipped with a firewall installed at this time unless it is part of a security suite, and even then the new user won’t understand it. Meanwhile they get hooked up to the net and become targets of worms or hackers, who turn them into zombies and use their machines as attack machines or to disguise themselves and avoid detection. A solution to this may be requiring new users to pass a written examination before being allowed to purchase a computer, much the same way that firearms are controlled. This may make sense because, if they do not secure their machines, chances are good that their machines will become the firearms of a hacker or a worm.
To further understand the threat that the end user poses let us examine some statistics.
Lee Rainie gives us this information in the article Reports: Internet revolution. Lee says this: “During the second half of 2000, when much attention was focused on the struggles of dot-com firms, the overall Internet population continued to grow at a healthy clip as women, minorities, those earning between $30,000 and $50,000 flocked online, and parents with children at home flocked online. The number of American adults with Internet access grew from about 88 million to more than 104 million during that period of time. The increase in online access by all kinds of Americans highlights the fact that the Internet population looks more and more like the overall population of the United States. However, there are still some notable demographic differences when it comes to access, especially those related to age and household income.” (Rainie)[1]
Lee cites a vast number of people who represent end users during the year 2000. The number of those connected grew, and the number of those connected to broadband grew even more significantly since that time. The speed of the Internet continually increased. We can see this by examining another article, written by Stephen Lawson for IDG News Service during the next few years. Steve tells us of the increase in broadband connectivity, saying, “A majority of U.S. home Internet users now have broadband, according to a survey by NetRatings Inc.
While the total number of home Internet users has reached a plateau in the U.S., those who do use the Internet are adopting broadband at a rapid pace, according to Marc Ryan, senior director of analysis at the audience measurement company.
In July, an estimated 63 million home Internet users, or 51%, used broadband, compared with 61.3 million, or 49%, with dial-up. A year earlier, just 38% of all home Internet users used broadband, at about 42.8 million, and 62%, or about 70.5 million, were dial-up users.” (Lawson)[2]
All these end users are potential targets of the worms that have wreaked so much havoc on the Internet today. Those who use broadband have an even greater impact because their systems are always on and have a high transfer speed. The speed of the CPU in today’s machines will also have an impact on security. Older machines relied on C++, a computer language that is not easily understood, and a novice programmer would be incapable of writing a worm in C++. C++ was used because it did not take up the resources that Visual Basic did. Because of the high speed of the CPUs in newer machines, Visual Basic is becoming more of a choice for many programmers, and it is much easier to write a worm, Trojan, or virus in Visual Basic than in C++. This trend could lead to an increase in the number of those who write malware.
This increase in speed has led to the faster release of malware worldwide. We can see this by reading Gerhard Eschelbeck’s article entitled Viruses are able to infect corporate computer systems faster than ever before. In his article Gerhard states, “There has been a surge in viruses, worms and other malicious code plaguing networks throughout the UK during the past year. According to a PricewaterhouseCoopers report for the Department of Trade & Industry, 72% of UK businesses received infected e-mails or files during 2003.
Some 33% of large businesses received more than 100 separate viruses during the year. These infections happened despite the fact that 99% of large businesses are running anti-virus software. The risks to businesses are huge, so it is important to understand how to protect networks from the "threats of the future" that are upon us now.
Security threats come in three categories. Simple first-generation threats are generic virus-type attacks spread by users opening infected e-mail and inconspicuous file attachments.
More sophisticated second-generation threats pose bigger problems. Created with automated tools, these worms attack vulnerabilities without human interaction. Replication, identification, and targeting of new victims is automatic.” (Eschelbeck)[3]
If businesses that can afford elaborate antivirus software cannot control the spread of these worms, it could be even more difficult for the home user to stay secure with minimal security assets. Home users represent a large portion of all users, and more attention needs to be given to this group, as together they possess the power to bring down major servers via distributed denial of service attacks.