http://www.press.co.nz/48/981201c7.htm December 01, 1998 Chch fraud squad out to nail hackers by David Armstrong Catching computer hackers is time-consuming and costly, especially if offenders cannot be prosecuted, but new case-law research could give Christchurch police legal tools to clamp down on electronic vandals and fraudsters. New Zealand has no laws to control electronic trespass and vandalism, says Detective Michael Chappell, of the Christchurch fraud squad, who specialises in information technology crimes. [---] Hackers are socially inept people hell-bent on taking out their frustrations on others. -- Detective Michael Chappell, Christchurch fraud squad [---] [Complete stereotyping. We all know that many hackers are far from this description.] However, while researching the setting up of a Computer Crime Unit, he has found English case law of people infecting other people's computers with viruses, who were charged with intentional damage. Mr Chappell will use this precedent for a case he is preparing. [We go from 'hacking', straight into infecting someone with a computer virus, which is not done via illegal entry into another system most of the time. This transition suggests our 'expert' is not educated in computer security matters.] After 2½ years investigating hackers and the fraudulent use of computers, he categorises hackers in two groups: socially inept people "hell-bent on taking out their frustrations on others", and those using others' Internet accounts or credit cards to binge-surf the Net for free. [And no third group of 'curious kids poking around other networks'? This classification into two limited groups is pathetic.] PC owners can minimise the chances of becoming victims of damage or fraud, he says. Hacking is not rampant, but the high number of people using the Net raises its awareness. The two incidents reported in recent weeks -- the deletion of 4500 websites on Ihug's server, and the infiltration of Xtra accounts -- caused a stir. [Caused more than a stir. No doubt it is the reason he has classified hackers into the TWO categories.] Hackers who use someone else's password and ID for Net access can be charged with fraud, says Mr Chappell. Catching them involves analysing phone-use logs and asking Internet service providers (ISPs) to trace connections. Mr Chappell has dealt with six complaints of this nature in Christchurch in the last two weeks. A typical unauthorised access bill is about $300. [Earlier in the article, it says tracking down these perps is costly. No doubt because he is willing to charge hundreds an hour to catch these 300 dollar crimes.] Hackers can get into accounts by several means, he says. They can run automatic phone-calling software looking for active modems at the other end, or they may run a credit-card number generator and use the result to sign up with an ISP, and run an account for a month or so until they are caught. [Neither of those methods will get you into an account.] In the most recent scare, a "sniffer" program, crudely named "Back Orifice", enters a PC as a virus through an e-mail attachment, and reports back details such as passwords. (An antidote can be downloaded from www.symantec.com/avcenter/backorifice.html.) [Back Orifice is a remote access trojan. The 'sniffer' it contains is only one feature. Entering a PC as an attachment is not a virus. It relies on the user executing the program, which is characteristic of a TROJAN.] Mr Chappell suspects that some instances of hacking originate from dishonest staff in ISPs. He believes it is no coincidence that most incidents occur on inactive accounts, so account owners do not notice the unusual use for several months. When ID and password lists surface, they circulate around groups, so several hackers can use the same account simultaneously. Mr Chappell sees hacking as a modern form of anarchy. A specialist crime unit will be needed, he says, if the police are to keep up with and stop these wired criminals. "Until we get some adequate statutes, we're hog-tied." Making your PC safer People with PCs connected to the Internet can take precautions to minimise their exposure to hacking, says Mr Chappell. [@] Cancel your ISP account if you no longer use it. [@] Run Web virus detection software. [Web virus detection software? Why not run 'virus detection software'? Why does the word 'web' have to be included with everything this guy does? [@] If you receive an e-mail from someone you don't know which has an attached document or executable file, do not run the program until you identify and verify the sender. Preferably delete the e-mail. [Unfounded paranoia. Instead of deleting the mail, just don't view or run the attachment. Or run a virus scanner on the files being offered.] [@] When you are not connected to the Net, turn off your external modem, or disconnect your phone connection if you have an internal modem. [@] Change your password at least every few weeks, and never disclose it to others. [@] Check your phone bill carefully, looking for unusual Internet activity. [Local phone calls to your ISP do not show up on your phone bill. Long distance calls do not identify if they were voice or data. This kind of advice once again suggests the 'expert' has only a passing familiarity with computer security.]