Computerworld

Half of US broadband users unprotected

Up to half of US broadband users are leaving themselves wide open to attack by internet thieves and hackers.

          Up to half of US broadband users are leaving themselves wide open to attack by internet thieves and hackers.

          Why? Because subscribers to "always on" net connections aren't using any protection -- like a firewall or antivirus software -- to keep the black hats from gaining access to their PCs.

          A survey of 1000 families reveals 50% of US broadband subscribers (including digital subscriber line, cable, and satellite services) do not have intrusion protection, says digital communications researcher Cahners In-Stat Group.

          "I think a lot of it is they don't realise there is a problem, especially more of the novice users," says Jaclynn Bumback, research analyst for In-Stat's enterprise and residential communications group. "They don't realise that even when their browser is not open, they are vulnerable to attacks. Since they don't realise they are vulnerable, they don't pay the money for the software and hardware that can protect them."

          Patti Dock, vice president of corporate development for security software company McAfee.com, isn't surprised by the big percentage of unprotected broadband users. She says many people seem to have a blind faith when they get net access, especially high-speed access.

          "They forget to take the same common sense precautions they would with their auto and home," Dock says. "It's like going on vacation and not locking the front door. You just wouldn't do that, and that's what people do when they don't put firewall protection on their computers."

          Assessing risks

          "The principle threat to you is that your machine gets used in a way that you don't want it to get used," says Alan Paller, head of research for the System Administration Networking and Security (SANS) Institute, a cooperative research and education association in Washington.

          Personal digital information -- like credit card and bank account numbers -- is often stored in PCs, which makes it a good target if it lacks protection.

          "These things are easy to find," Paller says. "They have a shape, and that's one of the things people can pick up on."

          Paller says an even greater risk is that your broadband-enabled PC will be commandeered for use by third parties in attacks that disable personal and commercial websites, much like the distributed denial of service (DDoS) attacks on Yahoo and EBay last year.

          "The number of scanners is increasing every day. We have reason to believe there are 2000 to 3000 programs actively on the internet at all times, looking for people who are silly enough to leave their computer on," Paller says.

          Getting protection

          Protecting yourself isn't difficult. The SANS website offers ongoing suggestions and alerts about the latest virus sightings.

          Firewalls alone won't protect you from viruses, Paller notes. Several recent viruses have been widely spread as email attachments. The widely reported Anna Kournikova virus, for example, spread as an email attachment that was purportedly a picture of the tennis star. Likewise, the NakedWife virus was also spread as an email message, sporting a subject line offering a tantalising come-on.

          Antivirus software is available from a variety of security companies, including McAfee.com and Symantec. Antivirus software vendors urge customers to update the virus definitions frequently, because hackers are always coming up with new tactics to frustrate unsuspecting computer owners. The antivirus vendors are usually quick to add protection from new viruses as they emerge.

          "Up-to-date virus protection ... that's the first line of defence," says Paller. "The second line of defence, that lets you stop the people who are looking around for those open windows, is what the firewall does."

          Broadband grows, risk grows

          In-Stat estimates US broadband subscribers will pass 8.3 million this year (up 82% from 2000) and then grow to 14.1 million in 2002. Researchers say it will hit 22.9 million in 2003, 32.7 million in 2004, and 39.4 million in 2005.

          Climbing alongside the user population will be the business of providing security to the broadband community. In-Stat expects consumers with high-speed net access will be buying $US800 million worth of security products and services by 2005, up from just $US74 million last year.

          Microsoft's Windows XP will reportedly include some rudimentary internet security features, but most current net users must rely on outside vendors to sell them, or in some cases give them, online security protection. For example, Zone Labs offers a free downloadable version of its popular ZoneAlarm firewall.

          Some internet service providers (ISPs) are taking on responsibility as well. McAfee has a deal with SBC Communications to offer firewall and antivirus software to the telecommunications company's online customers, including broadband users. Symantec offers its Norton Internet security, firewall, and antivirus software through promotions for BellSouth and EarthLink customers.

          Other ISPs include security warnings in their communications with new customers, and several recommend specific products.