During the typical holiday season, with high school and college students on vacation and when people generally have more time on their hands, far more viruses are let loose on the Internet. But this holiday season may have been different.
According to Bill Wall, chief security engineer with Harris Corp., which provides online security for the federal government as well as for many private companies, the number of viruses and hacking attempts decreased significantly after September 11, and the trend continued through the month of December.
"This is normally the peak period for attacks," says Wall, "but few viruses have been introduced, few hackers have been defacing Web sites as far as I can see, and even our own port-scanning software used within Harris has revealed lower numbers than youd expect for a peak period."
In August, the Federal Computer Incident Response Center (www.fedcirc.gov), which tracks attacks on the civilian agencies and departments of the federal government, reported 114 discrete attacks. In December, that number was down to 15. Hall also points out that most of the other major security sites, including the CERT Coordination Center, have reported fewer attacks of late and that fewer hacking incidents have shown up in the news.
"When I come back to work from Christmas, Im usually extremely busy fighting attacks, but the only thing thats really been out there is a rehash of a very old worm," continues Hall, referring to a malicious type of program that makes copies of itself and worms its way from machine to machine, wreaking havoc along the way.
Why would this be? Howard Fienberg, a senior analyst with STATS (the Statistical Assessment Service), a nonprofit, nonpartisan think tank in Washington, D.C., has two theories. He feels that one reason hackers are doing less hacking is because the news media, too busy covering the aftermath of the September 11 terrorist attacks, arent as likely to take notice. "Hackers are motivated by the attention that they get out of what they do, whether its a virus they send out or the exploits in pointing out the pathetic security on a lot of peoples sites," explains Fienberg. "Given that the media are not particularly focused on things like that, theres less incentive to play."
Alternatively, hackers may be much more worried about punishment nowadays. "After September 11th, a lot of the talk was that, with the new bills going through congress, hackers were going to be prosecuted beyond the fullest extent of the law," says Fienberg. "There were rumors that what was going into a lot of the new security bills was going to make punishment much more drastic." And the USA PATRIOT Act, signed into law by President Bush in October, makes government prosecution of those engaging in computer fraud and abuse much easier, even if the illegal actions are not related to what is typically viewed as terrorist activity.
"There is a community of hackers out there that has become more cognizant that the government is monitoring their activities," says Scott Temple, director of the Infosecurity Conference, held in early December in New York City. "The government got very active, treating these people as potential terrorists." In particular, he says, hackers have quit defacing highly visible government sites, such as those of the FBI and the CIA.
But contrary to the Harris Corp.s Wall, Temple does not feel that the total number of hacking attempts has decreased all that much. "The perception is that hacking has gone down, but were not really seeing that," says Wall. "Since September 11th, companies have stepped up their security measures, and its just gotten much more difficult to do damage." So perhaps hackers havent given up, theyve simply been less successful. Breaching of newer security systems may be just a matter of time. "Hackers still have all the tools they need," says Temple.