How Technology is Protecting You
In recent years, the technology industry has grown to understand that security needs to be one of the top priorities. Companies have developed many tools and techniques to help protect you.
Intrusion Detection System (IDS)
Intrusion Detection Systems have become a major player in the security market, recently becoming more affordable for small businesses and should soon come into use for home users. Basically, an IDS is either a hardware or software system (or even both) that is used to detect hacking attempts. They are programmed to identify common attack types and stop them from taking place. So far, this type of system has been extremely effective in corporate environments and server farms.
Remote Logging Tools
Many server farms and major corporations have deployed computers with one specific task: to monitor the use of the servers. They generally keep logs of everything: what process does what, what users are online, what information is accessed and by who, and even go as far as monitoring system loads. In case of irregular activity, the computer notifies the IT department, who usually have little problem determining if such activity was an attack or not. Also, thanks to the computer’s log, IT usually has no problem identifying the source of such an attack. Such systems are growing in popularity and are getting smarter. The reason they are called remote logging tools is because they are generally not on the main network – they are deployed on a intranet system or completely separate connection to avoid tampering.
Executive Disable Bit
A technology developed by Intel and first released in 2001 for their Itanium class processor, the executive disable bit was designed to prevent buffer overflow attacks. When a malicious user attempts to overflow the memory buffer, it disables code execution and prevents the worm from entering the network. The technology has now been released on the Pentium 4 class processors, with emt64 technology enabled, but requires specific operating systems. The official information can be found from Intel here: http://www.intel.com/business/bss/infrastructure/security/xdbit.htm
Law Enforcement
The FBI has also had to change some of its methods in recent years to make their enforcement more effective. According to this news report, wiretaps have increased dramatically last year. This can be credited to the rise of mobile phone use, internet users, and chat services. Wiretaps allow law enforcement to listen to and record information coming from data lines and wireless signals. By using wiretaps to their advantage, the FBI can prosecute criminals with more solid evidence.
How Laws are Protecting You
For many years, computer crimes were considered “gray” in legal terms – meaning something wasn’t exactly legal, but it wasn’t exactly illegal either (unclear). Today, there are many laws and regulations related to computers.
International Laws
There are many international laws that govern the exchange of hacking information between countries and how to enforce these laws. Check out this link for more details.
United States Federal Laws
In 1984, the United States Congress passed the Computer Fraud and Abuse Act, which defined a computer crime. It provides seven things that make a computer crime a federal offense. These seven things are: electronic espionage, intentionally accessing a computer without authorization, browsing in a government computer, acts of theft from protected computers, trafficking in passwords, and extortion conduct related to computers. The Computer Fraud and Abuse Act has been amended several times in its two-decade long existence, most notably in 2001, undergoing major changes due to the Patriot Act.
The Patriot Act caused many changes to the Computer Fraud and Abuse Act. It changed the means by which law enforcement monitors communications, making it easier to prosecute. It added a section to cover cyber-terrorism and money laundering to include penalties for damaging a government computer used to protect the nation. Also, it redefines the definition of loss. Prior to the Patriot Act, loss was considered to be actual costs lost per person and had to exceed $5,000 to be prosecutable. This caused problems on Denial of Service cases, where individual damage did not exceed $5,000, as it was distributed over a wide number of users. Loss was redefined to include "any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service." The new definition will make it much simpler to prosecute computer crimes.
For more information on the Patriot Act and how it affects computer crimes, click here.
For the official text of the Computer Fraud and Abuse Act, click here.
The PCMech.com weekly newsletter has been running strong for over 8 years. Sign up to get tech news, updates and exclusive content - right in your inbox. Also get (several) free gifts.
“War Games” & “Hackers: The Movie” sure did motivate a few kids to become internet security specialists. Groups formed on mIRC and it became pretty big at that time.