Viruses, Security Issues Undermine Internet
Sunday, June 26, 2005
DENVER -- E-mails were flooding in from all over the country. Something strange was going on with the Internet, alarmed computer users wrote. Google, eBay and other big sites had suddenly disappeared. Kyle Haugsness scanned the reports and entered crisis mode.
Part of the Internet was broken. For the 76th time that week.
Haugsness was on duty for the Internet Storm Center, the closest thing to a 911 emergency-response system for the global network. He and a few colleagues began investigating and discovered that a hacker had taken advantage of yet another security hole. As many as 1,000 companies had effectively had their connections "poisoned," so when their employees typed in legitimate addresses they were taken to bogus Web destinations. Haugsness wrote up an alert and a suggested solution, and posted it on the Web.
Then, Haugsness turned back to his inbox. In the few hours he had spent sleuthing that March day, several dozen e-mails detailing other suspected issues had piled up.
Built by academics when everyone online was assumed to be a "good citizen," the Internet today is buckling under the weight of what is estimated to be nearly a billion diverse users surfing, racing, and tripping all over the network.
Hackers, viruses, worms, spam, spyware and phishing sites have proliferated to the point where it's nearly impossible for most computer users to go online without falling victim to them. Last year, the Carnegie Mellon University CERT Coordination Center logged 3,780 new computer security vulnerabilities, compared with 1,090 in 2000 and 171 in 1995. Computer security firm Symantec Corp. over the past decade has catalogued 11,000 vulnerabilities in 20,000 technologies, affecting 2,000 vendors.
"I'm very pessimistic about it all," said Haugsness, who has worked for the storm center for two years. "There are huge problems and outages all the time, and I see things getting worse."
Originally developed by the Defense Department, the Internet is now a global electronic communications network made up of hundreds of millions of computers, servers and other devices run by various governments, academic institutions, companies and individuals. Because no one entity owns it, the network depends on goodwill to function smoothly.
The Internet has become so huge -- and so misused -- that some worry that its power to improve society has been undermined. Now a movement is gathering steam to upgrade the network, to create an Internet 2.0. How, or even if, that could be done is a subject of much debate. But experts are increasingly convinced that the Internet's potential will never be met unless it's reinvented.
"The Internet is stuck in the flower-power days of the '60s during which people thought the world would be beautiful if you are just nice," said Karl Auerbach, a former Cisco Systems Inc. computer scientist who volunteers with several engineering groups trying to improve the Internet.
Many of the bugs in the Internet are part of its top layers of software, the jazzy, graphics-heavy, shrink-wrapped programs that come loaded on new computers or sold in retail stores. But some of the most critical issues were built into the network's core design, written decades ago and invisible to the average user.
For example, a way to verify the identity of a sender of e-mail or other communications is just beginning to become available, meaning that many criminals roam the network with relative anonymity. And the system that matches addresses to Web sites is vulnerable to hackers, redirecting users to sites they never wanted to visit.