The hackers have gone too far now. When they were defacing Web sites and launching denial-of-service attacks against eBay and the like, they were annoying, but the general public still gave them a grudging amount of respect. After all, to take down well-protected networks and hack firewalls and intrusion detection systems, they had to be pretty smart.
But now hacking has hit home — literally. Hundreds of thousands of regular computer users, who never did a thing to provoke a hack attack, have found themselves scurrying to fix their infected machines in the wake of the Blaster worm.
No longer is information security a distant idea. No longer is the damage wrought by hacking just a dollar sign tucked inside a news story, money that big corporations can suck up. Hackers have made it personal, and it’s going to cost them. Just ask Jeffrey Lee Parson, who was arrested last week and charged with authoring a Blaster variant.
Scapegoat Search
Sure, home users machines’ have been infected by annoying viruses in the past, but all of those viruses required users to open an e-mail attachment, which by definition made them at least partially culpable for their own woes. Blaster changed that, as more than a million users found out the hard way.
Right now, Parson is no doubt hoping and praying that the judge and prosecutor who get his case are Mac users. That may be the best hope the Minnesota teenager, facing charges that he launched a copycat version of the Blaster worm, has to avoid being held up as an example.
Already, there are worldwide calls for Parson to receive a stiff penalty if found guilty, with a long jail term and a brutal fine seen by editorial writers and message board pundits as suitable payback for their inconvenience.
Catching Parson — who will serve as a fine scapegoat until and unless they catch the original Blaster author — makes it all seem neat and tidy for computer users hacked by the slithering worm. Sure, most are still mad at Microsoft, but they can’t be too critical of the software maker without also calling attention to the fact that they themselves are lax when it comes to using firewalls and installing patches.
So, instead, the hacker is the bad guy. All the mystery and intrigue, and all the grudging respect, are gone. Now, there’s just anger.
Start of Something Big?
The recent wave of worms might even be enough to cause real changes in the security industry. If users are smart, they’ll start expecting and demanding better protection from ISPs, which in turn will raise the bar for the software makers and security vendors they work with to keep networks safe. It won’t be a revolutionary change — more like ripples from a rock thrown into a pond.
Meanwhile, the average computer user must come to grips with the fact that he’s now a target. How will he react? By updating virus software and patching operating systems religiously? Yeah, right.
No, home users who get hacked will look for people to blame. If they can’t find the hacker at the heart of the problem, they’ll find another target, you can be sure of that.
As for the hackers, who pride themselves on always staying a step ahead of law enforcement and the security industry, the message is that they’ve used up the best part of their 20 minutes of fame. Crash worldwide computer systems if you must, but mess with a person’s ability to send e-mail and you’ve gone too far. Way too far.
People using Apple didn’t get hurt by the worm – nor did people running BSD or Linux. Perhaps you should place the blame where it is due – on the shoulders of Microsoft(R). They have created an operating system that can be brought down by a web page for heavens sakes. You, and the whole of our country are running a defective product and pointing the finger at the wrong place.
When firestone tires blew up and flipped cars did you blame the road for being hazardous – or the guy who dropped the trash on the street?
Who cares what he’s called? The point is if you have malicious intent, wipe your tears and accept responsibility. Microsoft should be put on the spot for not being more proactive (like the open source community is when responding to vulnerabilities.) Make an example of this kid. However, is that really going to be effective? Look at the file sharing communities and the RIAA. Shut one company down then spawns a dozen more. Shoot one "script kid" spawns another. Nice living in a capitalist society, huh? Everyone makes money and somebody else loses, then new ridiculous laws are created. Woo hoo
Come on, Please! The article makes a good point about attacking home users is going too far but down multimillion-dollar companies is alright. But really how can you possible classify this guy as a "Hacker"? He ran a script on a virus that someone else’s mind came up with. Please think about the terms that you are using, he is a "script kid" not a hacker at all. And even if you wanted to say that he is more than a "script kid" the term hacker doesn’t fit, virus writer works, but hacker I think not.