The hackers have gone too far now. When they were defacing Web sites and launching denial-of-service attacks against eBay and the like, they were annoying, but the general public still gave them a grudging amount of respect. After all, to take down well-protected networks and hack firewalls and intrusion detection systems, they had to be pretty smart.
But now hacking has hit home — literally. Hundreds of thousands of regular computer users, who never did a thing to provoke a hack attack, have found themselves scurrying to fix their infected machines in the wake of the Blaster worm.
No longer is information security a distant idea. No longer is the damage wrought by hacking just a dollar sign tucked inside a news story, money that big corporations can suck up. Hackers have made it personal, and it’s going to cost them. Just ask Jeffrey Lee Parson, who was arrested last week and charged with authoring a Blaster variant.
Sure, home users machines’ have been infected by annoying viruses in the past, but all of those viruses required users to open an e-mail attachment, which by definition made them at least partially culpable for their own woes. Blaster changed that, as more than a million users found out the hard way.
Right now, Parson is no doubt hoping and praying that the judge and prosecutor who get his case are Mac users. That may be the best hope the Minnesota teenager, facing charges that he launched a copycat version of the Blaster worm, has to avoid being held up as an example.
Already, there are worldwide calls for Parson to receive a stiff penalty if found guilty, with a long jail term and a brutal fine seen by editorial writers and message board pundits as suitable payback for their inconvenience.
Catching Parson — who will serve as a fine scapegoat until and unless they catch the original Blaster author — makes it all seem neat and tidy for computer users hacked by the slithering worm. Sure, most are still mad at Microsoft, but they can’t be too critical of the software maker without also calling attention to the fact that they themselves are lax when it comes to using firewalls and installing patches.
So, instead, the hacker is the bad guy. All the mystery and intrigue, and all the grudging respect, are gone. Now, there’s just anger.
Start of Something Big?
The recent wave of worms might even be enough to cause real changes in the security industry. If users are smart, they’ll start expecting and demanding better protection from ISPs, which in turn will raise the bar for the software makers and security vendors they work with to keep networks safe. It won’t be a revolutionary change — more like ripples from a rock thrown into a pond.
Meanwhile, the average computer user must come to grips with the fact that he’s now a target. How will he react? By updating virus software and patching operating systems religiously? Yeah, right.
No, home users who get hacked will look for people to blame. If they can’t find the hacker at the heart of the problem, they’ll find another target, you can be sure of that.
As for the hackers, who pride themselves on always staying a step ahead of law enforcement and the security industry, the message is that they’ve used up the best part of their 20 minutes of fame. Crash worldwide computer systems if you must, but mess with a person’s ability to send e-mail and you’ve gone too far. Way too far.