Now we have protection rackets on the Web. I guess it had to happen.
It used to be, a couple of heavies would come to your bar and explain that if you didn’t give them umpteen hundred dollars a month, your bar mysteriously would burn down. If you didn’t seem cooperative, maybe that night your plate-glass window would shatter. You saw the wisdom and paid thereafter.
Now, according to Silicon.com and other sources, your Web site can get the same treatment.
Suppose you have a site selling Tom’s Wonder Pills, which make people handsome or immortal or whatever. The bad guys, who are thought to be mostly the Russian mafia, hack into your site. The next time you look, your home page says, “Tmo’s Wonder Pills.” Or the caption of a picture has changed slightly. Then you get an e-mail saying that unless you pay some hefty amount, really bad things will happen. They will post kid porn on it or assertions that Tom’s Wonder Pills are poisonous.
You might pay up.
It is possible to protect a Web site from hacking, and the big-boy hosting services such as Interland usually are pretty good at it. But there is another threat made by hack-mailers that an individual site can’t do much about.
This is the DOS (denial of service) attack on your Web site. As many people know bad guys can plant Trojan horses in personal computers by means of e-mailed “malware.” This gives them control of the computer. Viruses can be programmed to do things on certain dates. They can then use thousands of compromised computers to send huge numbers of bogus page requests to the Tom’s Wonder Pills site. This clogs the Wonder Pills server, in effect shutting it down.
The clogging has been done. SCO, a Lindon, Utah, software provider, was shut down for days in February by the MyDoom virus, although not in a hack-mail attempt.
If you run an online gambling site, being shut down for a few days around the Super Bowl could cost millions.
Says Silicon.com: “And that’s the lure for the criminals behind such scams. The cost of paying off the criminals is invariably preferable to the cost of letting them ’bring it on.’ But if ever there was a case for fearing that paying up will only lead to more trouble further down the line then this is it.”
It is hard to know just how much hack-mail goes on, say authorities in the field, because many companies don’t want to admit they have been blackmailed. For example, gambling sites want to be regarded as part of the entertainment industry, as distinct from being vice sites along with porn and such.
Blackmail by computer is not a huge problem. But it could get serious.
A problem with Internet crime is that it is so easy. I can send out a million e-mail messages saying: “I am Toli Mavenga of Nigeria and I write funny colonial-sounding English and if you send me $4,000 I will send you the entire treasury of Nigeria.” Sending the e-mail costs nothing. All I need is one sucker.
Or I can tell a wealthy pediatrician to pay up or I’ll send a million spam e-mail messages containing an authentic-looking federal indictment of the pediatrician for child molestation 10 years ago.
Sez me, a whole lot more attention needs to be paid to computer security. I don’t know how you stop some of this stuff. But if computers came out of the box with firewalls, things would be harder for the bad guys.
Please read our comment policy before commenting.