Experts dissect hacker attacks during cybersecurity forum at Hagerstown Community College

April 27, 2011|By ANDREW SCHOTZ |
  • Congressman Roscoe G. Bartlett listens as Chris Hurley answers questions about cyber safety at a cybersecurity forum held at Hagerstown Community College.
By Yvette May, Staff Photographer

Experts Wednesday detailed simple and complex ways to protect computers during a cybersecurity forum held at Hagerstown Community College.

One basic defense against computer hackers is making passwords difficult to guess. Don't go for obvious words or names, and insert symbols and spaces, they urged.

Experts from Chickasaw Nation Industries also showed how a system of electronic commerce known as "cloud computing" could be exploited.

It was the second time this year that U.S. Rep. Roscoe G. Bartlett, R-Md., has hosted a cybersecurity forum. The first was in January at Fort Detrick in Frederick, Md.

CNI representatives led hacking demonstrations during Wednesday's forum at HCC's Athletic, Recreation and Community Center.

First, Chris Hurley played the role of a hacker who accessed someone else's computer through a Twitter page at a coffee shop with a Wi-Fi connection to the Internet, his every move shown on a projection screen.

Thanks to a downloadable program, the hacker, using actual technology, tapped a few keys and got access to the account, as if it were his. He sent a tweet out on the account.

Then, he wormed his way into the account holder's computer and accessed documents that were supposed to be confidential.

Joe Albaugh, the chief information security officer for the Federal Aviation Administration, who moderated the demonstration, said it was as if the hacker had grabbed "God rights" as an administrator of the other user's account.

Hurley said Twitter was more lax than Facebook, but has added a setting for users to automatically have a more secure network.

There is no "magic bullet" for warding off hackers, who can infiltrate various operating systems, both on PCs and Macs, participants in the demonstration said.

Fielding questions from the audience, panelists talked about evolving levels of computer attacks, such as the recent one on the Sony PlayStation network, and the range of intruders' approaches.

Bartlett likened the recreational hacker to a neighborhood prankster who breaks into a house, sets off a fire extinguisher and intentionally makes a mess. A professional, however, enters quietly, takes something of value and leaves without a trace, he said.

Panelists reminded the audience not to use the same password for a bank account as for a social media website, which gives a hacker fewer obstacles to conquer.

Hurley suggested riffing on familiar words and phrases, such as song titles — but replacing vowels with numbers or symbols, such as a zero for an O, or a 3 for an E.

Firewalls and other protective measures that businesses set up can be nullified if employees carelessly fall into the traps of unsolicited email, Albaugh said.

"Hackers rely on your inquisitiveness to click on something," he said.

"Aren't you glad these guys are on our side?" Bud Otis, Bartlett's chief of staff, asked the audience.

The Herald-Mail Articles