Intercom Online, January 20, 2000

E-mail security should be a priority for computer users

Editor's note: This is the first article in a two-part series on computer network security at Penn State. The second part, which deals with security on the World Wide Web, will appear in the Jan. 27 issue of Intercom.

By Heather Herzog
Computer and Information Systems

It's Monday morning. You walk into your office and switch on your computer. It makes its familiar humming sound as software icons appear one by one on the screen. You begin thumbing through the morning mail when something strange happens. The CD-ROM disc drawer on your computer slides open then closes by itself -- almost as if by remote control. The drawer opens a second time and then begins to open and close rapidly in succession. You dig in your desk for the computer instruction manual and simultaneously wonder if it's too early in the morning to dial the Center for Academic Computing's help-line. Suddenly music blasts from the speakers and your monitor flashes colors in a bizarre strobe-light display. You haven't touched the keys of your computer and you're starting to feel as if you're in the Twilight Zone... or perhaps that your computer is well ... umm ... haunted...

In a sense it is. What you're experiencing is a popular form of computer security attack, known as a trojan horse. In this case, it's a type of trojan horse that enables an intruder to control another person's computer remotely. Trojan horse programs go by a variety of names (NetBus and BO2K are two common examples) and they're frequently passed by e-mail attachment from one computer to another or contracted by downloading and using a file. Like its cousin the computer virus, the trojan horse can cause a wide range of computer problems -- from inconsequential mischief to serious system damage.

As the information highway grows and the manipulation of electronic data becomes more complex, Penn State administrators, like those at other universities, are examining what can be done to raise awareness of information security issues and ensure the protection of personnel and students.

According to network security experts, e-mail (electronic mail) is a particularly vulnerable area for many people in higher education today.

"E-mail is an easy target because it has become an indispensable communication tool at universities," said Kathy Kimball, director of Computer and Network Security at Penn State. "Students use it to stay in touch with instructors, parents and friends. Staff and faculty increasingly rely on it to communicate with one another and maintain contacts with colleagues at other institutions."

Yet despite the rewards, a corresponding host of electronic pests continues to expand. Viruses and worms (programs that travel from computer to computer, infecting and sometimes damaging each one they contact) now occur more frequently than ever due to electronic transmission. From 1997 to 1998, the rate of infection rose by 48 percent and is still climbing. There are tens of thousands of viruses -- three or four new ones appearing each day, according to a report on CNET last year.

Kimball explained that the Chernobyl Virus (CIH) and Happy99, rather than the well-publicized Melissa, have so far been the high-focus viruses at Penn State.

"Malicious programs, like CIH, are known to modify or delete computer files, sometimes immediately before a mid-term or final period," Kimball said.

And there are other e-mail pests. E-mail bombs, for instance, overload electronic mail software with hundreds, sometimes thousands, of messages, making it impossible for the recipient to access or send mail. Censorbots (from the word robot) can indiscriminately erase newsgroup messages and delete postings targeted by hackers.

"There are also e-mail schemes such as pyramids or chain letters that may seem harmless," said Kimball, "but if you receive an electronic letter of this type, don't do anything the sender suggests. At best, forwarding the e-mail may prove annoying to recipients; but at worst, you may be helping to perpetrate a fraud."

Finally, electronic name forgery -- which happens when a perpetrator uses someone else's user ID to send out information in his or her name -- can have personally damaging results. For example, a student from a Big Ten university woke up in the morning recently to find that someone sent out hundreds of verbally abusive e-mails in her name.

The issue is perplexing those who use e-mail. How do Internet users continue to enjoy the benefits of electronic communication and simultaneously feel their interactions are protected? According to Kimball, there are many methods available to address technology security concerns, but they are under-used, often because of a lack of public awareness.

"Computer users need to be aware of the concerns and use common sense," she said. "Don't share passwords even with the best of friends and never share extremely sensitive or personal information. Tools such as virus detectors, power-on passwords (code which keeps others from booting up your computer without a password) and file encryption (code which makes your files unreadable to others) can also provide a great deal of protection for individual users."

In addition, information regarding tools as well as abundant security tips can be found on the World Wide Web. Links to security organizations like the Center for Education and Research in Information Assurance and Security (CERIAS) http://www.cerias.purdue.edu/, the Forum of Incident Response and Security Teams (FIRST) http://www.first.org/ and Security Focus http://www.securityfocus.com/ provide updates on subjects like viruses, encryption (document coding), firewalls (electronic gate keepers for your computer), large-scale network security services and much more.

If you experience what you believe to be a computer security incident, please notify the University Computer, Network and Information Security Office at (814) 863-9533; call the 24-hour help-line at (814) 863-HELP; or send e-mail to security@psu.edu. If you have questions or concerns about computer viruses, contact the Center for Academic Computing (CAC) Help Desk at (814) 863-1035 or (814) 863-2494.



Digital Intercom is produced in the Office of University Relations at The Pennsylvania State University.
This site was developed by Annemarie Mountz.
Updated by Chris Koleno.