- The Washington Times - Wednesday, February 20, 2013

With nations trading charges of high-level cyberespionage, security specialists are warning that there are a whole host of reasons why hackers may target their computers and smartphones.

“The fact is there are a lot of different groups out there trying to break into computer systems,” said Tom Cross, director of security research at Lancope, a Georgia-based network security firm. “You have spies trying to steal intelligence. You have financially motivated criminals trying to make a buck. You have politically motivated attackers that hack computer systems to make a political statement. If they don’t like a company, they might try to take their website down to demonstrate their disagreement with that company.”

Or, he added, “maybe they’re just joy-riding.”

Earlier this week, Mandiant Corp., a security firm in Alexandria, accused the Chinese government of cyberespionage. Intelligence-motivated attacks such as these don’t affect the average consumer, Mr. Cross explained. Instead, they target government agencies, government contractors and their employees.

“Governments are spying on each other, because they want to understand what’s being planned in the future and what technologies they’re developing,” Mr. Cross said. “It’s not just the government agencies that are targeted by these attacks. It’s also the companies that do business with them.”

These attacks aren’t limited to work computers and emails — they also go after personal information, looking for a back door into secret government information.

“If you’re someone who works with this kind of information, both your work and personal email could be targeted,” Mr. Cross explained.

One vulnerability, he said, is the increasingly ubiquitous cellphone.

“Mobile devices know where users are located, their emails, telephone calls, text messages. They have microphones and cameras, so potentially if someone got control of it, they could use it to record audio or take photographs. It’s a very valuable source for an attacker.”

But how can people avoid these sort of cyberattacks? Anti-virus software isn’t always the answer, technology analyst Jeff Kagan said. While it helps, it doesn’t protect from everything.

“We think if we load this stuff up, we’re safe, but we’re not,” he warned. “It protects us to a point.”

Mr. Cross suggests using different passwords for different accounts. He also suggests using more secure “passphrases” rather than simple passwords. Passphrases are longer, so it’s harder to crack. But the words in the passphrase should not be related to each other.

“Really today, people need to stop thinking about passwords and start thinking about passphrases,” he said.

Other practices to frustrate hackers, analysts say, include regularly downloading security update “patches”; disconnecting from the Internet when your device is not in use; always being aware of the dangers of sharing files; and not opening emails from unknown or suspicious sources.

Sign up for Daily Newsletters

Manage Newsletters

Copyright © 2020 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.


Click to Read More and View Comments

Click to Hide