Broadband: Geeks bearing gifts

Broadband connections promise fast internet access. But what the providers don't tell you, says Stephen Pritchard, is that they also make you far more vulnerable to hackers
Click to follow

Dominic was happy to get his broadband connection – much faster than dial-up – but noticed after a while that his NTL cable modem connection had slowed down. He installed monitoring software on his machine, and found to his surprise that something was sending out huge amounts of data from his computer. His machine had been hacked – and broadband was to blame.

Dominic was happy to get his broadband connection – much faster than dial-up – but noticed after a while that his NTL cable modem connection had slowed down. He installed monitoring software on his machine, and found to his surprise that something was sending out huge amounts of data from his computer. His machine had been hacked – and broadband was to blame.

It wasn't as if Dominic was inexperienced; he's an internet professional based in Brighton. But his home machine had been taken over by hackers as part of a network exchanging pirated music files.

"My bandwidth was being used by someone uploading from my machine," he says. "I found the music files, which were disguised, and I also found an Excel spreadsheet." Thinking the spreadsheet might contain clues about the hacker, Dominic opened it, only to find the hacker had booby-trapped the document with an Excel macro virus. "That then corrupted all the Word documents stored on the same computer hard drive,"' he says.

At NTL's recommendation, Dominic has now installed a personal firewall program – software designed to keep out all but the smartest hackers – but he found the experience unpleasant and frightening. "The scary thing is that this is all so incredibly easy, and there seem to be huge networks of hackers doing it," he says. The same could happen to you; and our investigation found that the companies pushing broadband are doing little to prevent it.

The problem is that broadband, because it offers a permanent connection, also means that hackers can try to break into your machine all the time. Security experts say simply upgrading from dial-up to broadband without adding security is like buying a new front door without fitting any locks. With a little knowledge, even the most casual hacker can break into an unsecured broadband connection

A recent experiment by internet security company Prevention Technologies backs this up, finding that it took just minutes for hackers to target a computer that had never been online before. Prevention Technologies installed a new computer at a new IP address, which is used by internet software to identify a specific machine. As the IP address had not been used before, no hacker could have targeted Prevention's computer deliberately. Within six minutes, the computer was targeted by the Code Red virus, which hacks into other machines. Within a month, the machine was subject to some 20,000 hacking attempts, with more than 1,000 attempts traced to a single hacker.

"There are programs that will scan millions of IP addresses in just an evening," explains Toby Benn, technical spokesman at Prevention. "They don't target individuals as such, but networks; they will look at all the machines on one internet service's network and see how many they can break in to. Broadband connections are most attractive, because they are always on unless you physically unplug the machine."

With a standard dial-up modem connection, you are less vulnerable because the connection ends when you go offline. And most internet service providers allocate your computer a different IP address each time you go online. That makes it less useful to hackers who want permanent access. But the companies offering broadband do not, in general, offer or supply a firewall – software that could prevent such hacking attempts. Nor do they tell users explicitly to get such protection.

There is certainly little mention of security risks in the pre-sales information from BT Openworld, the largest provider of ADSL broadband connections, or the cable operators Telewest or NTL. When we phoned Telewest blueyonder's support, posing as a would-be broadband customer, and asked about firewalls, we were told: "We don't supply and don't recommend any. We can't. After all if people can hack into Bill Gates's machine and get his credit card details and MI5 and all that, then a simple firewall on a machine won't make a blind bit of difference." (For the record, neither Bill Gates's machine nor laptop has ever been hacked, and a firewall will at least deter hackers.) Would we have been told about firewalls if we hadn't asked? "No." Did blueyonder supply one? "No. We don't supply or recommend one." We could download one from the net, he suggested. The blueyonder web pages do contain advice about walls – but you have to search, very hard, for it.

NTL does not supply a firewall, as Dominic's experience shows. We would have liked to ask its advisers about them. But we were put on hold for longer than we can believe anyone would have been prepared to wait. It is also impossible to find out through NTL's web pages what it advises about firewalls.

BT Openworld's website has an extensive and well-laid out area on broadband – but firewalls never get a mention. BT's sales team said that no wall is provided, but that "we use a dynamic IP address, so you don't need one." We would have queried this with the BT support staff, but after half an hour of phone queuing our patience ran out.

According to Robert Temple, the chief security architect for BT Exact, BT's research arm, the company is looking at ways to either make ADSL more secure, or provide security services as part of the package on offer to ISPs. But he admits that the priority for ISPs is currently to roll out their basic broadband services.

So with no – or not enough – firewalls being installed, hackers are having a field day. "We have seen a massive increase in things like remote access Trojans [files that sit on your machine and give control to someone else], or blended threats such as Nimda [which are both virus and Trojan]," says Jack Clark, of the security and virus protection company Network Associates.

Webcams are an increasingly popular target for hackers hoping to catch their owners in a compromising position, suggests Mr Clark. More seriously, hackers scan computer hard drives for information such as passwords and log in details for banking sites or corporate networks.

Again, even the experts can fall foul to these tricks. Toby Benn admits that a hacker stole his home internet details and then used his account. The hack was only spotted when the imposter started to post obscene messages using Mr Benn's details. He knows what happened: "I had received an e-mail with an attachment from a friend, but which didn't quite gel. A Trojan installed itself, which allowed the hacker in," he says. Fortunately for Mr Benn, his ISP quickly fixed the problem. However, hackers are searching the internet for sensitive or valuable information such as credit card details or bank account numbers.

Broadband users do not have to leave themselves vulnerable to hackers. A simple software firewall program will offer a good degree of protection, at a cost of around £30. Mac OS X and Windows XP both have firewalls built in, but neither is on by default, and configuration is not easy.

A simpler alternative is to buy a broadband router with network address translation, or NAT. This is a box that sits between the broadband connectorand will block most hacking attempts. A simple router costs under £100 and will take just a few minutes to install. Whichever you choose, make sure you do it before you hook that broadband connection up. It might be 10 times quicker than dial-up – but the hackers are even faster.

Comments