Hackers - Part 1
Aired: July 26, 1996
"Hacker". The word has come to symbolize the outlaw
of the information age. Indeed, when it comes to
creating mischief, hackers are in a league of their
own. NewsCenter4's Anthony Moor begins a two-part look
at the computer underground and what they can do to
you.
To a hacker, what goes on inside these computers could
be a goldmine. This is "Insweb," new Internet site
where you can buy insurance online.
"Hackers come in for a variety of reasons, " says
Darrell Ticehurst of Insweb. "They could download names
and addresses of people who buy jewelry. They could
alter online contracts, such as the sentence
'earthquake coverage not included.' We really have to
worry about that 18-year-old with a 180 IQ and not much
judgment [who] decides it's really funny to take out
the word 'not' and see how long it takes you to notice
it."
It could cost an insurance company billions. These
pages list a single week's worth of serious hacking
attempts.
"They're attempting to take over the computer," says
Ticehurst. "They're attempting to grab hold of our disk
drive, use it, read everything that's on there or load
something onto it."
One hacker has repeatedly attacked Insweb seven
straight days.
"What we're going to do now is trace that route to find
out where that intrusion came from," says Ticehurst as
he demonstrates on his computer.
"It came out of Travel Software Systems in Heidelborn,
Germany. Now this is somebody who's made a serious
attempt on the system."
But Ticehurst goes no further. No harm done, he says.
If someone does press charges, it might go to detective
Keith Lowrey at the San Jose police high tech crimes
unit.
"Hackers can do just about anything they want to do, "
says Lowrey. "They can alter your credit. They can
steal your identity."
One scam happens on popular online services.
"You get a flash message across your screen," says the
detective. " It says, 'hey, your credit card or the
account that you're using to charge your time online is
no good, and we need you to re-enter another credit
card with an expiration date.' And a lot of times
that's coming from a hacker."
Once you type your credit card in, the hacker has what
he needs.
But you may be surprised that the hacker's most
valuable break-in technique doesn't rely on
electronics. It's called `social engineering;' just a
fancy name for the classic con game.
You see, even the best hackers need logon ID's and
passwords. So before trying any sophisticated
guesswork, hackers simply ask.
"You're on your computer terminal typing out," says
Lowrey. " And all of a sudden you get a phone call.
And the phone call says, `Hi. I'm Joe and I'm from your
MIS department. What I need you to do is log off your
system and log back on.' And he's [the hacker] sitting
there watching you type it in."
He's hacked far enough into your system to watch from
his computer what you're typing on yours. Some even
inadvertently tell hackers their passwords over the
phone. How real is the threat to you? Hackers say
consider your "hack factor;" why would anyone want to
break into your system?
Hackers tell me I raised my hack factor dramatically
when I posted Internet messages asking for help on this
story.
Part 2