Number 195 - August 1999
Hacker At Work?
from column by Patrick Marshall, June 20, 1999 Seattle Times
    Q. My son was playing a game on the computer when he said, "Mommy, it won't let me finish!" I looked over the computer and watched it "take over." The computer opened Outlook Express, then Quicken, then Turbotax, then went back to Outlook Express. All of the time I watched this happen I was trying to close the open windows and take control of the computer, to no avail. Unfortunately, I did not think of pulling the phone cord or shutting down the computer while this was happening. The hard drive was working very hard, as I could hear it very clearly. [You should be able to see its activity light flashing, even if you can't hear it. -rjt] The Internet connection was open at this time. It looked like someone accessed Quicken and Turbotax and sent information somewhere. This all happened extremely quickly, in less than a minute. I checked the computer scheduler and we do not have any automatic updates for either Quicken or Turbotax. We have automatic updates for Norton Utilities (set for other dates and times), which typically show data being downloaded and is somewhat slow. This was not like that at all. This was a very strange occurrence and I would like to know if you have heard of this happening before. I would like to know if there are any government agencies I should inform, or if there is any kind of central clearinghouse for these types of computer occurrences.
         Judy Swain, Burien

    A. Do you have a remote-control application, such as LapLink Professional, installed on your computer? The behavior you describe sounds just like someone dialed up your computer and took remote control of it. Programs such as LapLink enable such operations, but they must be loaded and set to answer the telephone for someone to be able to activate them. And, by the way, you can configure LapLink to require a password for callers to gain access.
   It is, of course, possible that a hacker accessed your computer through the Internet. And there are measures that you can take to prevent such intrusions. Proxy servers and firewalls are the most commonly employed measures. They are, unfortunately, more expensive than most home users are willing to consider, especially given the very slight risk involved for home users being targeted by a hacker. The best practical protection against such intrusion is disconnecting the phone line.

   If you're interested in more information on hackers and hacking, here are two links to explore: http://www.antionline.com and
    http://www.alw.nih.gov/Security/security.html.1

    Both contain links to other computer-security sites.

    TOGGLE Ed. Note:

    The Internet connection being "open" implies that her son was playing an on-line game. It seems to us that, if you play games on-line, you run somewhat greater risk than otherwise. Depending on the game and the security measures, such as firewalls, etc., employed by the games' host, you could be interacting directly with other players--a somewhat risky situation.

    You gamers would be wise to do some checking into what security measures are in place when you play on-line. Also, you might want to check out Magic Folders, which was offered as a June 1999 Disk of the Month, and use it to password-protect your sensitive files whether on-line or not.

1When we tried it, in July 1999, this site address was not valid as stated. Instead, go to the National Institute of Health site http://www.alw.nih.gov, navigate to General Reference Resources and click on Unix Security. This will take you to the "address" listed.
 
  Number 195 - August 1999