Digital Security

When most of us go to bed at night, we make sure that the front door is locked, but we probably don't do the same with our computers. You may think that there's little value behind the cyber-door of your digital house. Well, you're wrong.

If there's any personal finance information in your computer, beware: there are cyber-thieves out there. And that makes digital security an important issue in your life.

We're using the Net in ways it was never originally intended; we are putting more and more sensitive personal and financial data about ourselves online on an open system with no inherent built-in security. And that's a problem because the real world has logged on.

"As the world moves into cyberspace and as all money flows into cyberspace, crime follows money and you're going to see it there," says Richard Power of the Computer Security Institute.

Break-ins to computer credit records, intrusions into private files, snooping into e-mail accounts, changing people's credit records -- it can sometimes seem as though it's a jungle in there!

A traditional burglar might jimmy a window to break in, but a computer burglar will often break in digitally through a company's phone switch. One 18-year-old broke into a financial institution, generated a credit card for himself, and went on vacation to Hawaii.

James Bidzos of RSA Data Security, Inc. says there are "people who try to find ways to hack and to counterfeit lottery tickets."

One hacker tells us that bank savvy crackers routinely skim thousands of dollars from bank accounts everywhere. And in one recent caper, a gang of international crackers broke into Citibank's wire transfer software and stole $2.8 million.

The bad news is no one really knows how much digital trespassing and out-and-out theft occur on the Net. The good news is we at home are usually not targets.

"A user today has more to fear from a computer virus than some kind of cyberspace mugging," says Richard.

One hacker, a woman who downloaded a pirated computer game, says that many hackers justify breaking into someone else's files as a challenge.

For certain people, if it's on the Net, it's fair game.

"It's information! It's free! I mean, I suppose it's private property and you build a firewall. But if you build a firewall, there's always somebody who's going to crack it," says Ms. Hacker.

Hacking versus cracking — Netheads do make the distinction.

Imagine a vault as a protected computer file. A hacker would take great pride in breaking in, having a look around, maybe leaving a discreet digital calling card just to prove to his fellow hackers that he'd been there, and then quietly leave and not take a thing. A cracker would break in and just take the money!

Peter Shipley (right) is a computer security expert with a lot of computer firepower. He could have been a computer bad boy, but today, Peter helps fight the bad guys. He and his computer security expert friend, Russell Brand, are hired to find the security leak spots at banks and other data rich targets for hackers and crackers.

"At the point that hackers or crackers get to be Peter's age, they're either in jail or they're rich," says Russell.

Peter and Russell know the dark side of the Net. And they also know who the typical Internet troublemakers usually are. According to Russell,

"The visible hacker community is people that are bored. If you could get them a life, get them a hobby, get them a good video game, they'd do that instead."

The surprise is digital criminals often don't have to use a computer.

"I know several people who are shady characters," says Peter.

"...They don't get [their information] from picking up a modem, finding a phone number, guessing a password, and then breaking into the system. They get it by dumpster diving."

Dumpster diving is the fine art of finding credit card numbers, passwords, and other valuable computer data that stores, companies, and even we at home just throw away; easy pickings for the bad guys to walk by, dive in, and use.

"I'd say that ninety percent, maybe 95 percent of the information, [the hackers] gain is by dumpster diving," says Peter.

OK, so with all these social engineers, dumpster divers, crackers, and digital pests out there, a good password will keep them out, right? Wrong. According to Peter,

"Every hacker piece of software out there has a system that does this."

A list of supposedly secure passwords for one of Peter's clients was easily exposed by a little custom password-cracking software.

Here are a few quick tips from Peter Shipley to help you keep hackers at bay:

  1. Make sure your system software is up-to-date. The more current your software, the less likely a hacker will know how to break in.
  2. Get some software that protects your system. Peter recommends Pretty Good Privacy, or PGP. It's free. You can download it from shareware.com. Just search for PGP in all categories.
  3. Finally, use a good password. Don't use a word from any dictionary or a name or some other common combination. And make sure you have at least one numeral in your password.