National Cyber Alert System

According to the RSA and US-CERT, Internet Computer users in the USA are the prolific threat to cyber security.  How so?  Let’s give an example of how an Internet computer user’s computer becomes infected with malware and is turned into a malicious spamming bot.

User 1 decides that they would like to download for free some movie, song, program, etc., and installs one of the many different P2P file sharing programs.  They find and download the files(s).  The files are actually placed on a file sharing computer by a malicious group of thugs.  The file(s) are infected with a new undetectable Trojan horse program that can open ports on your computer and run at will.  It could collect your email addresses, most visited web sites, and most importantly your personally identifiable information like name, address, age, telephone number, bank account numbers, and send that data to a computer hidden away somewhere where the thugs will cipher through the data and try to steal your ID.  They can also make you a SPAM bot and then your computer will send many thousands of emails to unsuspecting folks (like those people in your email list) AN HOUR.  These emails could contain links to malicious or fake web sites where the intent is to install the malicious code on your computer.  Repeat the cycle.

From US-CERT:

“National Cyber Alert System

Cyber Security Tip ST05-007

File-sharing technology is a popular way for users to exchange, or “share,” files. However, using this technology makes you susceptible to risks such as infection, attack, or exposure of personal information.

What is file sharing?

File sharing involves using technology that allows Internet users to share files that are housed on their individual computers. Peer-to-peer (P2P) applications, such as those used to share music files, are some of the most common forms of file-sharing technology. However, P2P applications introduce security risks that may put your information or your computer in jeopardy.

What risks does file-sharing technology introduce?

  • Installation of malicious code – When you use P2P applications, it is difficult, if not impossible, to verify that the source of the files is trustworthy. These applications are often used by attackers to transmit malicious code. Attackers may incorporate spyware, viruses, Trojan horses, or worms into the files. When you download the files, your computer becomes infected (see Recognizing and Avoiding Spyware and Recovering from Viruses, Worms, and Trojan Horses for more information).
  • Exposure of sensitive or personal information – By using P2P applications, you may be giving other users access to personal information. Whether it’s because certain directories are accessible or because you provide personal information to what you believe to be a trusted person or organization, unauthorized people may be able to access your financial or medical data, personal documents, sensitive corporate information, or other personal information. Once information has been exposed to unauthorized people, it’s difficult to know how many people have accessed it. The availability of this information may increase your risk of identity theft (see Protecting Your Privacy and Avoiding Social Engineering and Phishing Attacks for more information).
  • Susceptibility to attack – Some P2P applications may ask you to open certain ports on your firewall to transmit the files. However, opening some of these ports may give attackers access to your computer or enable them to attack your computer by taking advantage of any vulnerabilities that may exist in the P2P application. There are some P2P applications that can modify and penetrate firewalls themselves, without your knowledge.
  • Denial of service – Downloading files causes a significant amount of traffic over the network. This activity may reduce the availability of certain programs on your computer or may limit your access to the Internet (see Understanding Denial-of-Service Attacks for more information).
  • Prosecution – Files shared through P2P applications may include pirated software, copyrighted material, or pornography. If you download these, even unknowingly, you may be faced with fines or other legal action. If your computer is on a company network and exposes customer information, both you and your company may be liable.

How can you minimize these risks?

The best way to eliminate these risks is to avoid using P2P applications. However, if you choose to use this technology, you can follow some good security practices to minimize your risk:

  • use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses. However, attackers are continually writing new viruses, so it is important to keep your anti-virus software current (see Understanding Anti-Virus Software for more information).
  • install or enable a firewall – Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer (see Understanding Firewalls for more information). Some operating systems actually include a firewall, but you need to make sure it is enabled.

Authors: Mindi McDowell, Brent Wrisley, Will Dormann


Copyright 2005, 2008 Carnegie Mellon University. Terms of use

Last updated April 3, 2008 

Follow the links and make sure you’re not a bot!

Gary