What do you think happens when you connect your computer to the Internet? In less than an hour, it may not be yours anymore. While you're Googling your name and checking e-mail, a hacker, perhaps in Eastern Europe-let's call him Ivan-quietly takes over your machine. There are a dozen ways Ivan could do it, but he probably found you with a program he didn't get at Best Buy called a port scanner, which roams the Internet like a clumsy cat burglar, trying every doorknob until it locates one left unlocked. Then he makes a connection to your computer-sort of like starting a chat session, only invisible to you-and uses it to deliver a "backdoor," a small piece of code that lets him take control of your PC whenever he wants. You won't know it, but you've just become part of a "botnet," a small army of computers that Ivan will rent to international organized-crime rings, which will use it to spew spam, steal identities, or hold corporate Web sites hostage (not to mention slow down your PC).
Sound like a scare story? It happens to more than 300,000 computers each day-PCs connected to the Internet without security precautions such as a firewall, anti-virus software or an up-to-date operating system. According to the FBI, $67.2 billion was lost last year to online crime. Sure, there are ways to fight back [see "Five Things You Can Do Today to Protect Yourself"], shutting down "zombies" (PCs surreptitiously controlled by hackers) and prosecuting the handful of Ivans the police have managed to catch. But it's like playing a huge game of whack-a-mole. Knock the criminals over the head in one spot, and they pop up someplace else. "No matter what solution you come up with, it takes the bad guys about five minutes to get around it," says Lance Spitzner, president of the nonprofit volunteer Honeynet Project, which sets out vulnerable computers as bait so researchers can study attackers' behavior. "The creativity of cyber-criminals is amazing."
Fact is, the system is easy to game because it was never designed to be secure. The Internet was created 40 years ago so university geeks could share research, not so you could buy baubles on eBay. As companies developed ingenious ways to build security into things like online credit-card transactions, hackers came up with equally ingenious ways to get around it, launching a security arms race that Ivan and his comrades are so far winning.
If we want to fight back, we need a new approach, something that fundamentally changes the way computers interact with the Internet and how the Internet functions. Companies and organizations all over the world are working on these kinds of long-term solutions, but one of the most radical ideas is being developed at Carnegie Mellon University's CyLab, the world's largest Internet-security research hub. Launched in 2003, CyLab has 70 faculty researchers and 140 graduate students at its Pittsburgh campus, with satellite facilities in Korea and Japan. Its approach is to make the Internet function like a biological entity that wards off attacks the way a healthy body fights off a cold-in other words, to build a network with an immune system.
"Unless we move toward that goal, we'll just spend all our time solving new problems," says Pradeep Khosla, dean of Carnegie Mellon's college of engineering and co-director of CyLab. You can't build something that's perfectly secure, so you make something that can survive the attacks you can anticipate, making it harder and more expensive for criminals to do their thing. Even Fort Knox could be taken, but it would require a small army to do it, which would cut heavily into the bad guys' profits. CyLab has dozens of projects at various stages of development; many are years from implementation and would cost billions of dollars to put in place. But the following remedies-creating resistance to attacks and finding their sources-are necessary medicine for an Internet that's getting sicker by the minute.
To my disbelief in your magazine about hackers from China which i'm sure they are some but what your story says is switching blame on China that really belongs within the United States.Face the facts before you push blame on another nation why not face what we have here today with the help of are own service.Courrption beyond our own beleifs New York Times and now Popular Science magazine storys are wrong as stated by Scott Henderson[China pose a real threat to American cybersecurity] the real threat is the media tag games for advertising companys and anybody else that are selling products and services on the internet and the web.Common sence tells you this is their source of income which has cause these writers to become dishonest in their storys of no facts but only to mislead Americans.My suggestion would be to boycott the purchases from New York Times and Popular magazine untill they change their dishonest storys of no facts and listen saving your money can only help in our recovering from damages in our nation cause by their dishonest story's.