Ex-hacker warns of exposed systems

Complacent businesses are unwittingly leaving their systems open to attack, one of the UK's most notorious computer hackers...

Complacent businesses are unwittingly leaving their systems open to attack, one of the UK's most notorious computer hackers claimed this week, says Bill Goodwin

Cold Fire, who hit the headlines in 1997 when police arrested him for hacking into BT's computer systems, said that companies were often unaware how many back-doors they had in their networks.

IT departments are scrupulous about setting up firewalls, but many do not realise that seemingly innocuous devices such as fax machines or printers contain modems that can provide hackers with a way around the defences.

"Most people have firewalls but they are ignoring modem access to their networks. You get fax machines that have connections to the Internet. There are a lot of sophisticated printers that have modems built in," he said.

"Companies install Windows boxes to do back-ups, for example. They have remote access to allow staff to check back-ups. They don't think that anyone will be able to get the number."

However, hackers use a technique known as "war dialling" to repeatedly try phone numbers in an organisation until they find numbers that allow them into the network.

Another problem is that businesses often forget to update their firewalls from the manufacturers' default settings, but still assume their systems are safe.

"Companies think their firewall will stop all access but they never upgrade them. There are a lot of firewalls with just the default settings. But once hackers are on the network beyond the firewall, there is no security at all."

As a young hacker, Cold Fire claims to have exploited similar security weaknesses to hack into computer systems belonging to the US space agency NASA, and the US nuclear and defence laboratories at Los Alamos and Lawrence Berkley.

He was also able to penetrate IT organisations such as Sun and Microsoft, escaping with copies of the source code for operating systems under development. "I never got Windows, but I did get every version of [Sun's] Unix and I managed to get the MSDos 6 source code," he said. Cold Fire has given up hacking and now works in IT and finance.

Read more on Voice networking and VoIP

SearchCIO
SearchSecurity
SearchNetworking
SearchDataCenter
SearchDataManagement
Close