The terrorist attacks have put all forms of security into tighter focus. Ravi Aggarwal, general manager of the Baltimore branch of technology training center New Horizons, recently discussed how the federal government is battening down its hatches and how you can make your PC secure.
Your clients include six federal agencies. What have they changed since the attacks?
I'm not privy to what they have done internally. I can only tell you what kind of training requests they have made to us. Many of the federal agencies have requested [heightened] network and Web site security. We have done a significant amount of training for many of their personnel, right from the very beginning basics [up] to the nth degree, where they feel confident that they can go back and implement those things to protect the security of their data.
Since September 11 we have had far more interest and queries. We had done the security training with them before September 11, too; this is not something new. But there is far deeper interest [now,] much more money being spent on the area than ever before. It became a much higher priority area. However, they were always concerned about their security.
What are some of the security holes you see out there right now?
There's a lot of hacking, cracking going on. People intruding into your site. Modifying the information, modifying the site. Lots of viruses are coming in, Trojans, worms. There's a lot of things going on. For example, over the last few weeks we had two major viruses going on: Nimda and before that [it] was Code Red. They are very serious viruses. If Nimda infects your server, you've got a major problem. That means you've got to go back and redo the whole thing. Nimda is spread via e-mail and infects the machine. You've really got to go back and reformat the whole thing, and whatever you had on the machine is gone. There's no way you can save it unless you backed it up someplace earlier.
Another example is "Spoofing." It's a very simple thing. People can come up with a mimic of a legitimate e-mail or Web site. For instance, Amazon, instead of A-M-A-Z-O-N, it could be A-M-A-Z-I-N. Somebody by mistake types an "I" [and] they are going to see a Web site very similar to Amazon.com. By mistake [consumers] get there and it has the look and feel of the real Web site. People end up trying to buy something and give their credit card number. By the time the fraud is detected those folks are long gone.
Another thing people need to be aware of is "Sniffing." As we send information via e-mail over the Internet, it goes by what are called packets. Small packets of information travel and someone can intercept them. For instance, they could change my bank account number to their bank account number and money goes into their account. Also, if I do sniffing, I can determine if you are coming out with any new models or product developments. If I am your competitor, I can find out what's going on.
They can also overload your server in such a way that no one can get to your Web site. It happened not too long ago with CNN. This is called denial of service. The system bogs down, and you can't even tell where it's coming from.
Folks can also try to come to your Web site and change the content. About a year ago, when George W. Bush was running as a presidential candidate, somebody went to his Web site and replaced his picture with a hammer and a sickle. The White House has been hit, DOD has been hit, the Pentagon, several other federal agencies. This is an ongoing thing.
What damage could be done to a Web site? Seems like most of these defacement incidents are just simple vandalism.
I can go into your Web site and change the content, change the pricing. All of a sudden your clients are upset because what you are charging is not what you are saying on the Web site.
What are some ways users can protect against these attacks?
Have the latest [software] version, that's a good thing. They can go to Microsoft Internet Explorer 6 rather than 5.0. They can also download many patches from vendors that are virtually free. Use encryption and a certificate of authenticity. If I use this, it will tell me that I am not speaking with the right people -- it's not Amazon.com. The more important thing is you have to understand what exactly is security? Go back over your own system; find where the loopholes are and how to protect them.
The best [defense] is prevention, but preventing something is not simple, either. The entire corporation has to be involved in prevention, otherwise it doesn't work. Anyone can open the door and let someone come in; it could be a major problem.
You mention encryption, something that is in the news right now. There is some suspicion that the terrorists may have used encrypted e-mail and now the government would like a skeleton key to break the codes.
Right now, everybody, not just terrorists, is using encryption for security. It's virtually impossible to break into. There is no clear evidence anywhere that Osama bin Laden or the al-Qaida terrorist group has abused or used encryption one way or the other. However, Senator Judd Gregg, a Republican from New Hampshire, is leading a charge for greater government access to encrypted data, basically saying that we need some kind of loophole where we can go in and be able to decode it. But that automatically tells me that I won't have any trust in encryption anymore if someone can decode it. I understand that we need some way to decode terrorist activity. By the same token, it's no longer a safe system then. Of course, we don't want to allow terrorists to use this, but at the same time if we deny it to them we are going to deny it to everybody.
Even if we make any changes today, the problem is that encryption is already in place. Many people are already using encryption. It's free. Let's say we in this country make these changes, what about the rest of the world? There's no foolproof system; the terrorists will get what they want.
What are some ways that home PCs can be made safer?
People using broadband, cable modem, DSL, they're extremely vulnerable. If their [Internet connection] stays on all the time, anybody -- even your neighbors -- can get in there and find out what's going on very easily. In addition, they need a good firewall. They are relatively cheap and available off the shelf. They need some kind of virus detector and they need to keep up with it. Every time there is a new version, a new patch, they need to download it. If you receive an e-mail from an unknown source, do not open it. There is something called "Auto Preview." Do not leave Auto Preview on because it automatically opens up the e-mail. Also, turn off the machine when you're not using it. It's a sitting target.
The FBI has put together something called the National Infrastructure Protection Center. It's a free Web site, and it gives lots of information about how to protect your PC. Especially when a new virus is coming out, it will tell you what to do.
Have you been busy since the attacks?
Our business has taken off since the attacks, especially in the security area. This being a privately held company, I will not be able to give you each and every detail. The week of September 11 was bad. The following week, registration, inquiries, everything picked up. We are extremely busy. We are even hiring people as we speak.
How many employees do you have?
Right now we have about 30 employees.
How many do you want to add?
We are looking for another 10 more.