Security Breaches

Copyright © 1995
The New York Times Company

Companies and individuals connected to the Internet have to contend with a new threat to data security. Posing as "friendly" computers, intruders have figured out ways to break into computers and computer networks connected to the Internet and steal data and security codes. The intruders are able to gain access to normally secure networks by finding and then using the identity of a computer that a network recognizes as being an authorized user.

NETWORK SECURITY: Normally, networks only allow access to authorized computers and users. The network is able to distinguish "friend" from "foe" by looking at a computer's Internet protocol address, an ID number specific to each computer. When an unknown computer tries to get into a network, its access is barred.

FINDING A DISGUISE: To break into a network, an intruder must locate the IP address of a computer known to the network. There are a number of methods an intruder can use to find a "trusted" computer. In one case, an intruder used a program that listed the names and addresses of all the computers on a network toobtain an IP address that another computer would recognize as friendly.

SNEAKING IN: Once a "trusted" computer has been found, the intruder sends a message to a computer on the network using a "trusted computer's IP address to ask for certain rights and privileges for the intruder. The host computer network, having no reason to deny the requested privileges, then allows the intruder full access. Once the intruder has gained access to a network, there are in many cases no secondary security systems to prevent the intruder from looking at and stealing whatever is on the network.

(Source: Computer Emergency Response Team)