Computer attacks, threats continue Published Sept. 26, 2003 By Senior Master Sgt. Alan McClellan 805th Communications Support Squadron SCOTT AIR FORCE BASE, Ill. (AFPN) -- Government computers and official information are subject to a wide range of threats and vulnerabilities that are a constant, invisible threat to penetrate military networks and degrade warfighting abilities.Along with those nameless, faceless hostile enemies there is also a threat from simple computer hobbyists experimenting with readily available free software to detect and exploit security holes in operating systems, e-mail and browser software.New attacks against computer systems occur nearly as fast as software vendors can produce security patches. Computer hackers analyze each new generation of security patches to determine how previous security vulnerabilities were corrected.By doing this, these computer hackers have frequently found new vulnerabilities to exploit. Once hackers identify new vulnerabilities, they use the Internet to spread the word to others on how to exploit these defense weaknesses. Hacker groups even distribute free software tools that could be highly effective in attacks against operating systems.Software manufacturers, including Microsoft, continue to stay ahead of the hackers, but virus-development time is becoming shorter, so new protective measures must be developed to avoid network catastrophes.If malicious individuals are unable to break through network firewalls to launch an attack, they often try to bypass the strongest defenses by attaching viruses to e-mail messages to gain access to the "inside."As recently as July, a hacker sent out e-mails that advised recipients to visit a phony "Windows-Update" Web site and download a security patch. When users did as instructed, their computers secretly passed control to the e-mail originator, who then hijacked their computers to send spam e-mails as well as establish pornographic Web sites on the captured computers. Other e-mails have contained hidden instructions that exploit unprotected aspects of computers.To protect computers, users need to ensure they are running antivirus software with current virus-definition files. These files can be checked by "right-clicking" the computer mouse pointer on the antivirus program icon on the taskbar. That will open the antivirus program information page. If the date of the virus definition file is older than 10 days or if users must manually run "live update" to get new antivirus-definition files, contact the workgroup managers for assistance.Workgroup managers can help configure computers to automatically keep virus-definition files current. Maintaining antivirus software and deleting suspicious e-mail attachments or Web links from unknown sources, greatly reduces the chance the computer might become a target or virus host.Users need to pay close attention to the latest virus warnings and requests for system updates. The virus creators are very smart and can readily hunt out unpatched computers to exploit.Information on computer-defensive postures is available from workgroup managers or wing information-assurance offices in the communications squadron. (Courtesy of Air Mobility Command News Service)