In recent days, a worm known variously as “GaiXinh,” “xRobots,” or “RemyWorm”… (different experts use different names) has spread through Yahoo! Messenger (YM) at a terrifying speed and caused a stir among a majority of Internet users.
The BKIS Cybersecurity Center estimates that over 10,000 computers have been infected, many of which have still not been cleaned of the worm to this day.
However, the mindset of “after the rain comes the sunshine” and “losing the cow but not worrying about building the barn” seems to remain deeply entrenched, leading many to easily forget the urgency of the situation right after the infection. When some cybersecurity centers offer solutions, people breathe a sigh of relief and quickly forget about the virus, because after all, how many viruses are discovered on computers every day?
Occasionally, we still hear news such as “Several hundred thousand personal records of HP Group employees have been stolen” or “Leaks of information about nuclear power plants,” but perhaps few realize that the primary cause is largely viruses and worms of this kind.
Their general principle is to exploit the weaknesses of users of Internet tools (browsing, email, instant messaging (IM) software), taking advantage of address books and the trust that friends place in the victim, in order to spread widely and install a hidden program (commonly referred to as “Spyware”) on infected computers. Once this succeeds, the infected computers are controlled by the malicious perpetrator without the owner’s knowledge. The following scenarios may then unfold:
1. Information Theft: Spyware can open backdoors that let hackers gain control of the computer. Everything that follows is then within reach: monitoring the owner’s every move, stealing passwords or personal information, copying information, destroying data or entire systems, and creating a foothold from which hackers can invade the organization’s entire internal network.
The situation becomes even more serious if these computers belong to networks of businesses, financial institutions, or government agencies, or are related to national security; the true owners of these computers may inadvertently become accomplices to malicious acts.
2. Launching Attacks: The controlled computers can be used to initiate Distributed Denial of Service (DDoS) attacks (a method that true hackers have long “killed off” due to its brutality and cowardice) against servers on the Internet, by commanding these computers to continuously send hundreds or thousands of requests to the victims.
Theoretically, a network of 30,000 “zombie” computers secretly controlled in this manner could bring down any server system within 10-30 minutes. In reality, worms like Blaster, MyDoom, Sasser, Sobig… in the years 2003-2004 were once a nightmare for the massive networks of Google, Microsoft, Windows Update… and turned the security landscape in those years exceedingly grim, with estimated damages reaching up to $38 billion.
It is especially serious if such tools are used for unfair competition or violations of national security. Preventing these attacks is nearly impossible, and detecting the source of the spread and halting infections is extremely difficult because it depends on the users’ knowledge and awareness.
Global experience shows that prevention can only happen through legal measures, applying the criminal penalties used for offenses with equivalent consequences in order to deter wrongdoing. Unfortunately, in Vietnam, there are currently no strict regulations against such acts, allowing perpetrators more opportunities to act freely.
According to cybersecurity center analyses of recent viruses, the creators may not possess high technical skills (they simply “Vietnamize” the source code of viruses disseminated online) but have “succeeded” in leveraging the widely used and trusted YM chat tool to spread the virus. This is an “innovation” because most users today know not to open attachments from strange emails.
Accurately identifying the distributor, investigating deep-seated motives, and applying necessary deterrent measures to set an example and demonstrate the rule of law reaching into the virtual world is a serious and urgent requirement. To protect themselves from online dangers, Internet users should exercise extreme caution with links sent via YM and absolutely refrain from downloading if the link points to files with extensions: .exe, .vbs, .pif.
NHAT THU