November 2007

I’ve heard scary stories about the Internet in the past, but two recent ones are the most terrifying. I don’t, uh, mean to terrify you, but you should know about this. It’s one more reminder of how essential it is to protect your computer against viruses, spyware, and “Trojan horses.”

Because of an earlier column I wrote about having $8,000 stolen via my PayPal account (and getting promptly reimbursed by PayPal), I sometimes get e-mails from people who are going through similar experiences.

An e-mail I received in August from a young woman began by telling me how she happened to notice that someone had stolen some money from her PayPal account. She changed her password and security answers, and then checked her PayPal account, only to find more money had been taken.

So she called PayPal and was put on hold. While she was waiting, she began to fill in a fraud report on PayPal’s web site. Then the PayPal agent came on the phone, and as she was talking to him, her PC started to type on its own and said, “I see you m-----f-----.”

The PayPal agent said to immediately disconnect from the Internet and scan her PC. She found and deleted a couple Trojan horses. Subsequently, PayPal agreed that it was a fraud and reimbursed her the $240 that had been stolen. But that wasn’t the end of it.

It happened again, but this time the thief took $7,000. He was also deleting her e-mail before she had a chance to read it. So she did another scan and deleted more Trojan horses.

She then went back to the PayPal site to change her password. But because she’d changed it so many times, she couldn’t remember what it was. She then went through the Forgotten Password process, which entailed clicking on a link at the PayPal site, receiving an e-mail with a link to a form, and typing in the answer to the security question on that form.

But as she was typing, her Internet connection was turned off. So she went through the process several more times, each time going back to the e-mail, clicking on the link, then beginning to type the security answer, and then having her Internet connection turned off.

Then the PayPal e-mail disappeared from her Inbox, and she found it in the Deleted Items folder. As she was looking at it, a message appeared on her screen asking her if she wanted to permanently delete her e-mail. But before she could click “no,” her e-mail was deleted. Someone was controlling her computer remotely.

PayPal later e-mailed her and denied her fraud claim. She sent them a letter of appeal, and then she e-mailed me, asking me what to do. Unfortunately, I could only sympathize.

Scary? It gets worse. What would happen if the bad guys, the sort that invaded this young woman’s computer, instead put some software on your computer that uses a portion of its processing power in concert with many other compromised computers (called “zombies”), essentially creating a supercomputer that can be harnessed for nefarious purposes?

This has happened. InformationWeek has been reporting about the “Storm worm botnet,” a network of an estimated 2 million zombie computers.

How powerful is this botnet? One expert quoted in InformationWeek estimates it has more computing power than the top 500 supercomputers combined. In addition, because experts have occasionally seen spikes in the processing power, one expert suspects it could be as large as 50 million zombie computers. If your PC has been running a bit slow lately, you might be one of them.

Mostly the botnet has been used for disseminating spam. But experts say that such a computer could have tremendous destructive power — such as using a denial-of-service attack to overwhelm government or corporate computers, thereby them inaccessible via a network.

Yep, it’s scary. But also, in other respects, it’s one of the wonderful things about the Internet. Has your Internet columnist gone nuts? No, truthfully, what makes the Internet extraordinary is its openness: the connectivity, the simple ability to share information, the opportunity to interact with others, and the contributions you make to this intelligent system even just by the act of selecting a link to click on.

This openness allows a widely distributed, bottom-up organizing power. It’s much like life itself. And just as living systems face broaches of their integrity via infectious organisms, so too does this distributed, dynamic, and evolving system we call the Internet. Emergent order is a delicate dance between forces, and I’m betting on the good guys.

© 2007 by Jim Karpen, Ph.D