The Internet is not one giant pipe that can be severed.  The nature of the Internet is that it’s split it a spider web of networks all interconnected.  If your data can’t get from A to B because someone maliciously severed a connection somewhere, the traffic could be routed from A to D to C and then to B. The key point in that sentence is the data still gets from A to B, just in a different manner.

So, could the Internet be taken down?  In terms of logical ways to sabotage it, no.  The Internet is gigantic; it would take a massive attack, and I mean GIGANTIC ATTACK, both of hardware sabotage and network/packet sabotage to Internet backbones around the world.  This coordination would be a huge logistical task and highly improbable.

If an attacker severed an “Internet backbone” as their known, traffic disruption on the Internet would occur.  In 2008, fiber optic cables on the sea floor were being cut with no culprits ever being found.  Some have theorized the attacks were government entities testing the waters on how the public and private sector would respond to disruption.  Cutting large cables on the sea floor is no cheap task, I have no doubt it was some kind of professional operation by someone.

So could your e-mail and Netflix suddenly vanish because of no bandwidth some day?  Surely, but don’t expect the flow of information around the world to cease at the flick of a switch or slice of a giant scissors.  You may be able to slice a chunk of the network out, maybe even a few, but no person or organization could take down the entire Internet.  No one.

Your Not Secure Out Of The Gate

Most users think just having a router is an automatic shield after listening to various media stories praise routers for their firewall abilities.  This is not the case.  Most routers you purchase at your local electronics store (Best Buy, Wal-Mart etc.) is not secure when you first plug it in. Routers are normally pre-configured to be open wireless access points.  This means anyone within its range will be able to use your connection, no questions asked.  This is done to make setup easy and compatible with most operating systems.  The only problem is it leaves your network open to attack.

The very first thing you’ll want to is login to your router’s administration panel.  This is done by typing in a 192.168.x.x address into your browsers address bar.  The actual number varies by router manufacturer, look in your user guide or online to find the local IP address for your router.  Linksys for example is 192.168.1.1.  The manufacturer sets very easy non-secure passwords.  These are easily found online as well as in your user guide and if left unchanged will make your network exceptionally vulnerable.  You’ll want to change the password to your router right away.  Make sure it is a secure password of at least six characters and preferably with upper and lowercase letters and numbers.

Bad Advice From GeekSquad

Local sales associates at places like Best Buy are often clueless on network security and sometimes offer up misleading advice.  Here are some steps that aren’t harmful, but mostly just a waste of time because they don’t secure your network.

• Turning off your SSID broadcast. - The SSID (Service Set Identifier) is an identifier broadcast by a wireless router.  You might know this as your network name.  Most routers default SSID broadcast is the manufacturers name (linksys, netgear etc.)  Turning this off does nothing to protect your network.  With the proper software, a malicious user could easily spot your networks presence even with the SSID off.  It is a false sense of security.   Changing the network name won’t make you more secure either, though I would recommend doing it.  Just make sure you SSID isn’t identifiable making it easy for outside users to know where the network is located (i.e. last name, home address are all no no’s)
• Turning DHCP Off - This in theory is a good idea but really doesn’t make you more secure.  It is easy to detect the method in which ip addresses are being assigned and make a request matching that method.
• Filtering MAC Addresses – Filtering MAC addresses is a good practice to get into, but for most households and businesses it causes more headache than what it’s worth.  For homes with many devices on the network like game systems, multiple computers and cell phones, filtering MAC addresses simply isn’t practical.  That being said, a malicious user with easily attainable monitoring software can replicate a MAC address and still penetrate your network.  This method has some value for keeping the average user off the network but will crumble with ease against advanced computer users.

What You Should Do

The easiest thing you can do to secure your network is protect your wireless access point with encryption.  There are two different kinds of encryption you can use.  One is known as Wired Equivalent Privacy or WEP. This encryption is better than nothing but it does have a huge problem.

Beginning in 2001, several serious weaknesses were identified by cryptanalysts with the result that today a WEP connection can be cracked with readily available software found online within minutes. — Source:  Wikipedia

WEP can be easily cracked within minutes therefore it should not be your first choice, though it is better than having no encryption at all.  It will keep your pesky neighbors with no computer skills from using your bandwidth, but even the most novice 13 year-old could brute force their way into your network.  You want something with a little more ‘umph’.

You will want to use Wifi Protected Access, otherwise known as WPA,  for your wireless encryption.  WPA was designed after flaws were discovered in WEP that led to its demise.  Recently, researchers have found a way to crack WPA-TKIP connections, though it is still tougher than cracking WEP.  Since this has happened, you’ll want to make sure your using WPA-AES encryption to remain secure.  AES stands for Advanced Encryption Standard and the encryption contains three block ciphers.  It has been adopted by the U.S. government as their standard for encrypting sensitive networks and has yet to be cracked.

WPA2 is an even newer advance in WiFi network security.  If you have an older router or a computer older than 3 years old you may have compatibility issues.  For less headaches and still secure network, stick with WPA-AES unless you have all ‘newer’ hardware.

Conclusion

The simplest thing you can do to protect your wireless network is still encrypting it.  There is no need to cause yourself more trouble by turning off DHCP or hiding the SSID identifier. It will only give you headaches and nightmares down the road.  Most need for securing your WiFi comes from nosey neighbors or passer-by’s looking to score free Internet.  They don’t want to steal your credit card info or read your e-mails bur just score free interwebs. However, there are individuals who go around looking for easy targets to steal sensitive information from.

2. Has your son asked you to change ISPs?

Most American families use trusted and responsible Internet Service Providers, such as AOL. These providers have a strict “No Hacking” policy, and take careful measures to ensure that your Internet experience is enjoyable, educational and above all legal. If your child is becoming a hacker, one of his first steps will be to request a change to a more hacker friendly provider.

I would advise all parents to refuse this request. One of the reasons your son is interested in switching providers is to get away from AOL‘s child safety filter. This filter is vital to any parent who wants his son to enjoy the internet without the endangering him through exposure to “adult” content. It is best to stick with the protection AOL provides, rather than using a home-based solution. If your son is becoming a hacker, he will be able to circumvent any home-based measures with surprising ease, using information gleaned from various hacker sites.

We all know so many Internet users choose AOL right?  I would have really loved a definition of what a hacker friendly ISP is as well.  According to this guide that your son or daughter could easily circumvent home-based protection and filtering, it’s best to stick with AOL for their filtering.  This is a joke right? (Sadly, no)

2.  Are you finding programs on your computer that you don’t remember installing?

Your son will probably try to install some hacker software. He may attempt to conceal the presence of the software in some way, but you can usually find any new programs by reading through the programs listed under “Install/Remove Programs” in your control panel. Popular hacker software includes “Comet Cursor”, “Bonzi Buddy” and “Flash”.

The best option is to confront your son with the evidence, and force him to remove the offending programs. He will probably try to install the software again, but you will be able to tell that this is happening, if your machine offers to “download” one of the hacker applications. If this happens, it is time to give your son a stern talking to, and possibly consider punishing him with a grounding.

I didn’t know Adobe Flash was a ‘hax0r’ application.  I guess I’m getting too old!  But don’t forget about that grounding.

3.  Has your son radically changed his appearance?

If your son has undergone a sudden change in his style of dress, you may have a hacker on your hands. Hackers tend to dress in bright, day-glo colors. They may wear baggy pants, bright colored shirts and spiky hair dyed in bright colors to match their clothes. They may take to carrying “glow-sticks” and some wear pacifiers around their necks. (I have no idea why they do this) There are many such hackers in schools today, and your son may have started to associate with them. If you notice that your son’s group of friends includes people dressed like this, it is time to think about a severe curfew, to protect him from dangerous influences.

If you began restricting this kind of dress code, you could lock up half your child’s school.  Glow sticks might be more indicative of a raver than a hacker, but we likely have the movie ‘Hackers’ to thank for this one.

Content provided by Adequacy.org

This information was written satirically to all the posts you read by parents online asking if their child is a hacker.  Most of these queries by parents are often fueled by 60 Minutes stories or CNN investigations into the ‘underground’ hacker culture of the Internet.  These stories are typically extremely exaggerated.  Oh wait, you disagree with that statement.  60 Minutes story on Conficker a few weeks ago is a perfect example.

“They call their weapons viruses and worms – they’re creepy, crawly toxic software that contaminate our computers without our ever knowing it. You can be infected by simply visiting your favorite Web site, or just by leaving your computer on, overnight while you’re asleep. “  – Lesley Stahl – 60 Minutes-March 29th, 2009

Wow, makes you want to turn your computer off right?

Just know your kids folks, just know your kids.

Security analyst’s said the attacks stem from Russia and China, both are trying to map our power grid infrastructure and its inner-workings.  Government officials stress no immediate threat can be seen. 

The software the hackers left behind were meant to be stealthy and hidden, ready to be turned on for malicious reasons in time of attack, but was luckily found by U.S. Intelligence and Security agencies. 

The Kansas City Star is reporting that In 1997, Kansas City Power & Light saw about 10,000 such “events” each month. Now it’s 10 to 20 every second.

The espionage appeared pervasive across the U.S. and doesn’t target a particular company or region, said a former Department of Homeland Security official. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Officials said water, sewage and other infrastructure systems also were at risk.

“Over the past several years, we have seen cyberattacks against critical infrastructures abroad, and many of our own infrastructures are as vulnerable as their foreign counterparts,” Director of National Intelligence Dennis Blair recently told lawmakers. “A number of nations, including Russia and China, can disrupt elements of the U.S. information infrastructure.”

A senior Pentagon official said Tuesday the Pentagon has spent $100 million in the past six months repairing cyber damage.

Security experts from the U.S. government have stated the attacks are so sophisticated, they are likely perpetrated by China and Russia. 

Conficker, Ghost spy network, PowerPoint attacks and now the U.S. electricity grid.  Are these breaches overblown media stories meant to instill fear and pump sales of security software?  It seems like there are more and more stories about the latest worm or breach of security of epic proportions.

I believe there is definitely a risk of any box that is connected to the Internet, no matter how many software or hardware defenses you have on it.  Nothing is perfect, no security unreachable.  If we have learned anything from Kevin Mitnick, it’s that the hardware is not the weakest link.  The weakest link of any network is almost always the users who manage it orhave access to it.  Social engineering is a real threat and the only defense against it is training every single person who has access to your secured network.  I wish more details were available on how these networks were penetrated, but we will likely never know. 

Even with all the training in the world, no one is perfect.  All the security in the world, none of which is perfect.  Therefore, any network is not 100% secure.

“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” the company said. “Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
“At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability,” the company added.

At the time of this article, Microsoft has not issue an immediate patch but expressed the exploit will be fixed with their monthly security update.

Microsoft has instructed users not to open any PowerPoint (.ppt) presentations from unknown people via the Internet or on USB flash drives until they can patch the problem.

Up to this point, Conficker has been focusing on multiplying and spreading while blocking access to anti-virus and spyware applications that could repair the infection.  

On April 1st, your not going to see any fireworks online.  Government websites won’t crash and your computer will not choke up a BSOD on you.  Why?

•  Hackers who create this kind of malware don’t want you to know your infected.  They want to idle in the background and use your system and its resources without you knowing for their own gain like forwarding spam, Ddos attacks and other malicious activity
• Though they have been getting great press, they don’t want it and won’t let it ‘all hang out’ on April Fools day

Tools For Removal  

• McAfee Stinger
• ESet EConfickerRemover
• Symantec W32.Downadup Removal Tool
• F-Secure F-Downadup, FSMRT, more tools
• BitDefender single PC and network removal tools
• Kaspersky KKiller
• Trend Micro

The Christian Science Monitor is reporting…

Thirty percent of the targeted computers could be considered “high-value” targets. No US government computers were compromised; however, the cyber spies broke into a NATO computer for half a day.

Researchers were called in to investigate by the Dalai Lama when it was believed that Tibetan e-mail communications were being intercepted.  What was initially a very focused investigation quickly blew up into a major worldwide discovery.

It is important to report, because all evidence points towards China, doesn’t mean it is orchestrated by them.   Dan Colarusso writes, “The investigation, which doesn’t point at the Chinese government specifically.”

“This could well be the C.I.A. or the Russians. It’s a murky realm that we’re lifting the lid on.” said Ronald J. Deibert, a member of the research group and an associate professor of political science at the University of Toronto.

Don’t get worried about a ‘mega-uber-dooper secret un-stoppable malware infection’.  This isn’t a complex attack by any means.  It is social engineering at its best.  Social engineering was made famous by hacker Kevin Mitnick.

Forensics by Deibert and his team found that the attack originally started on a message board.  A monk had been engaging in a normal conversation where a hacker targeted him based on his e-mail address domain.  A hacker sent him an infected PDF and Word document to start the attack.  The hacker then began intercepting his communications and began targeting upper echelon targets on his e-mail contact list.  His attack continued scaling up until major ‘high value’ targets were infected.

It is true that your network is only secure as your weakest link, and no your router or OS is not your weakest link.  Your weakest link is likely the people who have access to the network already and divulge information much too easily.  It is still important to defend from random attacks simply based on holes and vulnerabilities, but just as important if not more to educate users of your network on good practices to stop social engineering attacks.