ROANOKE TIMES
Copyright (c) 1995, Roanoke Times
DATE: Wednesday, December 20, 1995 TAG: 9512200090
SECTION: NATIONAL/INTERNATIONAL PAGE: A-4 EDITION: METRO
DATELINE: SAN FRANCISCO
SOURCE: Associated Press
Hundreds of computer security breaches over the past several weeks prompted officials to post a warning Tuesday on the Internet.
An advisory warned administrators of computer networks about several hundred security attacks, many successful. The warning said the number was alarming and more may have gone undetected.
All the security breaches involved well-known vulnerabilities for which software is available, said Cathy Fithen of the Computer Emergency Response Team, an institute at Carnegie Mellon University in Pittsburgh that acts as a world hot line for security.
``As far as we can tell, they're not targeting a specific domain. They're just scanning sites that haven't patched specific vulnerabilities,'' she said.
The tools the intruders use and the security holes they exploit are old by cyperspace standards, some dating to 1992. But so many sites haven't fixed the old holes that hackers don't need to come up with anything new, Fithen said.
``Sites are coming on to the Internet so fast that their system administrators and the network administrators are sometimes novices. They may not know their systems are vulnerable and that patches are available,'' she said.
``Companies are coming on line so fast, it's a hackers' market. It's like shooting fish in a barrel,'' said George Kurtz, a New York-based security consultant for the accounting firm Price Waterhouse.
The problem is only going to get worse before it gets better, said his colleague, Pete Sfoglia.
``The administrators in some of the companies have no idea what security they need to have before they hook up to the Internet.''
The break-ins have taken place on a variety of systems, ranging from business to educational institutions.
For security reasons, CERT does not release the names of specific sites or the programming tools used in the intrusions.
LENGTH: Short : 45 linesby CNB