Be careful out there.

by Dan Lee
Winter 2004

YOU MAY JUST HAVE MORE IN COMMON THAN YOU MIGHT THINK WITH the road warriors of old. Today’s business traveler-armed with a laptop computer and a high-speed Internet connection-is a bit like a lone knight of medieval days, leaving behind the protective moat and high walls of the castle. The loner still has protection, whether it’s a suit of armor or a personal firewall, but that person must be aware of the surrounding dangers. It’s just that instead of bandits and sword-wielding rivals, you face enemies armed with malicious code.

Businesses of all sizes spend loads of money to build virtual walls around their computer networks-they fill up computer racks with security appliances and load software onto PCs to ward off viruses, spam, hackers and other Internet threats. But much of that protection disappears when you step out the office door.

Hackers are after confidential information, such as passwords, credit-card numbers, Social Security Numbers and other personal information to steal goods or identities. Some miscreants just want to make a name for themselves, or cause mischief around the Internet. Yet business travelers can fend off many of these dangers by taking a few simple actions to protect their equipment, information
and privacy.

One of the most basic precautions is running antivirus software. These products, from companies such as Symantec and McAfee, constantly scan your computer files for patterns that could be a virus. Most computers come with antivirus software, but only for a limited time. Additional subscriptions must be purchased.

“As you’re traveling, you’re not going to be behind the corporate firewall,’’ says Ira Winkler, an expert on Internet security and the hacker mindset. “You have to treat it like you’re logging onto a hostile network.’’

A personal firewall is also recommended for those with always-on Internet connections. A firewall acts as a barrier to block out potentially dangerous content. Popular personal software firewalls include Norton Personal Firewall by Symantec or McAfee Personal Firewall Plus.

Users should also keep their computers patched with the latest security updates from Microsoft (www.microsoft.com/security). The software giant releases updates on a regular basis to fix vulnerabilities. It is important to download these patches as they are released to close the doors hackers are trying to use to break into your computer.

Computer users face a wide array of ever-evolving threats. Internet troublemakers, security experts say, are evolving from basic cybervandals to cybercrooks. They are unleashing viruses that leave behind “back-door” programs designed to hijack your computer. Hackers often create an army of “zombie” computers (maybe yours is among them?), using those machines as proxy servers from which to send waves of spam.

Such attacks are on the rise. Symantec, the maker of Norton antivirus software, documented almost 4,500 new viruses and worms targeting the Windows operating system in the first six months of 2004, more than four times the number for the first half of 2003.

Another emerging scam is called “phishing,” where an email appears to be a legitimate message from a bank or other trusted company. The message usually asks the recipient to confirm confidential information, such as passwords, account numbers or personal identification numbers.

Users often unknowingly also pick up “spyware” while surfing the Web. Spyware does not do damage, like a virus, that could destroy programs or data, but many consider it intrusive.

Winkler said whenever he logs onto the Internet from a public connection in an airport, his personal firewall usually notifies him within just minutes that his computer has been scanned by a would-be intruder looking for
an opening.

He recommends, from experience, always backing up critical information while on the road. Winkler has walked into conference rooms where he is the scheduled speaker with a fried computer, only to be saved because he had also emailed a copy of his presentation to his hosts. “I’ve always looked at disaster recovery as being part of security,’’ said Winkler, who also keeps hard copies and USB drives
to back up key information. He also keeps two backup power supplies.

Some hackers don’t use technology to hack. Laptops left alone can be quickly swiped. Be aware of “shoulder surfers,’’ those who simply watch your key strokes to get user names and passwords.

Winkler recalled one plane ride where the man next to him displayed on his computer for all around him to see confidential legal documents regarding venture capital investments in a company planning an initial public offering. “Traveling first class is a great way to be a spy,’’ says Winkler, whose book on the hacker mindset, Spies Among Us, is due out next spring.

The first sign your computer is infected may be just that it seems to be running slower than usual. For more information, antivirus companies such as Symantec, McAfee and Trend Micro offer customer information on their Web sites.

Travelers should be extra careful while using the Internet via WiFi hotspots, common in airports and coffee shops. Be aware that someone near you could be jumping onto your connection. If you’re doing anything confidential, such as making a purchase online, make sure that the site is encrypted. If you look at the top left of your browser, an encrypted site will begin “https,” for Secure Sockets Layer. A non-encrypted site will begin with “http.”

Perhaps the best way to avoid a virus, though, is fantastically low tech: Don’t click on strange email attachments-ever. Security experts say this almost as much as health teachers warn that smoking is dangerous. Yet, when their curiosity is piqued, computer users still click away.

This year’s Mydoom is a perfect example of how a cleverly designed virus can infect hundreds of thousands of computers in just days. Mydoom disguised itself as a common error message given when there’s a delivery problem with an email. The subject line contained such words as “Mail Transaction Failed.” People clicked on the attachment, expecting details on the failed delivery, only to launch the virus. Also, messages containing Mydoom often appeared to come from friends, family or work associates because the worm spread itself by grabbing names from an infected computer’s address book.

It’s called “social engineering”-the art of making a message appear so enticing or trustworthy that users go against their better judgment and open the attachment, unleashing the malicious code.

People could also potentially avoid many threats by using a Macintosh. Most attacks today target PCs using the Windows operating system. (A debate rages about whether that’s because Macs are more secure, or whether hackers simply pick Windows since it’s used on the vast majority of the world’s computers...but that’s another article!)

____________________________________________

Dan Lee is a reporter at The San Jose Mercury News. Email Dan at editor@executivetravelmag.com.