Eric Lai
SAN FRANCISCO: The flaw, discovered on Monday which was first reported by
Guardent, a Waltham, Massachusetts-based security firm said that the flaw would
allow hackers to determine the identification number used by two devices or
computers when they set up a communication session through the Internet. The
session identification number, which is randomly generated by each computer's
operating system, could theoretically be used by hackers to impersonate, or in
hacker parlance, "spoof", an authorized user and gain access to a
computer network, or send bogus information to disrupt other Internet users
trying to communicate with the network.
"This is risky in a lot of ways," said head of research and
development for Guardent, Jerry Brady. Hackers would theoretically also be able
to shut down a Web site, bypassing cruder techniques such as distributed
Denial-Of-Service attacks, which involves bombarding a Web site with millions of
bogus messages.
Computers running most computer operating systems, including Microsoft
Corp.'s Windows and Unix-based systems like Sun MicroSystem Inc.'s Solaris and
Linux, as well those used by specialized Internet equipment, such as Cisco
Systems Inc.'s Internet Operating System, could be susceptible to this sort of
attack.
"There appears to be true potential danger associated with this,"
said a technical expert with the San Francisco-based Computer Security
Institute, Rik Farrow. Financial losses attributed to computer hacking and other
security breaches at businesses and government departments grew 42 per cent to
nearly $378 million in 2000 from 1999, according to a survey by the Computer
Security Institute.
Eighty-five per cent of respondents detected computer security breaches in
the past year, the survey said. No companies appear to have fallen victim to the
flaw, Guardent said, which characterized the hole as a new twist on an existing
security hole that had been fixed by most operating system vendors in the
mid-1990s.
The company declined to release exact details of the security hole, which
affects the Transmission Control Protocol, one-half of the TCP/IP encoding
scheme used by most computers to talk through the Internet, saying it did not
want to encourage computer hackers.
Some experts say that based on the limited information released by Guardent
so far, the risk from the hole appeared much less serious than a similar flaw
discovered in January in the software used to control how Internet users are
directed to the proper Web addresses.
"This is not a particularly new problem," said an expert with
Silicon Valley-based security consultancy, Securify Joel De La Garza. "I'd
say it is sort of like telling us that car accidents are dangerous."
(C) Reuters Limited 2001.