Monday, April 23, 2018

In July, Internet may go dark for hackers' hundreds of thousands of victims

WASHINGTON — For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.

Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.

The FBI is encouraging users to visit a website run by its security partner, dcwg.org, that will inform them whether they're infected and explain how to fix the problem. After July 9, infected users won't be able to connect to the Internet.

Most victims don't even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.

Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.

"We started to realize that we might have a little bit of a problem on our hands because . . . if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service," said Tom Grasso, an FBI supervisory special agent. "The average user would open up Internet Explorer and get 'page not found' and think the Internet is broken."

On the night of the arrests, the agency brought in Paul Vixie, chairman and founder of Internet Systems Consortium, to install two Internet servers to take the place of the truckload of impounded rogue servers that infected computers were using. Federal officials planned to keep their servers online until March, giving everyone opportunity to clean their computers. But it wasn't enough time. A federal judge in New York extended the deadline until July.

Now, said Grasso, "the full court press is on to get people to address this problem." And it's up to computer users to check their PCs.

This is what happened:

Hackers infected a network of probably more than 570,000 computers worldwide. They took advantage of vulnerabilities in the Microsoft Windows operating system to install malicious software on the victim computers. This turned off antivirus updates and changed the way the computers reconcile website addresses behind the scenes on the Internet's domain name system.

The DNS system is a network of servers that translates a Web address — such as www.ap.org — into the numerical addresses that computers use. Victim computers were reprogrammed to use rogue DNS servers owned by the attackers. This allowed the attackers to redirect computers to fraudulent versions of any website.

The hackers earned profits from advertisements that appeared on websites that victims were tricked into visiting. The scam netted the hackers at least $14 million, according to the FBI. It also made thousands of computers reliant on the rogue servers for their Internet browsing.

When the FBI and others arrested six Estonians last November, the agency replaced the rogue servers with Vixie's clean ones. Installing and running the two substitute servers for eight months is costing the federal government about $87,000.

The number of victims is hard to pinpoint, but the FBI believes that on the day of the arrests, at least 568,000 unique Internet addresses were using the rogue servers. Five months later, FBI estimates that the number is down to at least 360,000. The U.S. has the most, about 85,000, federal authorities said. Other countries with more than 20,000 each include Italy, India, England and Germany. Smaller numbers are online in Spain, France, Canada, China and Mexico.

Vixie said most of the victims are probably individual home users, rather than corporations with technology staffs who routinely check the computers.

FBI officials said they organized an unusual system to avoid any appearance of government intrusion into the Internet or private computers. While this is the first time the FBI has used it, it won't be the last.

"This is the future of what we will be doing," said Eric Strom, a unit chief in the FBI's Cyber Division. "Until there is a change in the legal system, both inside and outside the United States, to get up to speed with the cyber problem, we will have to go down these paths, trailblazing if you will, on these types of investigations."

Comments
Rick Scott’s term limits idea: Hugely popular and highly unrealistic

Rick Scott’s term limits idea: Hugely popular and highly unrealistic

Gov. Rick Scott's first policy idea as a U.S. Senate candidate won't happen and most of his fellow Republicans don't support it.But it's a surefire applause line at political rallies.Scott wants term limits for members of Congress: 12 years and no mo...
Updated: 2 minutes ago
You know who else uses your Facebook data? Florida lawmakers who grilled Mark Zuckerberg

You know who else uses your Facebook data? Florida lawmakers who grilled Mark Zuckerberg

Facebook founder Mark Zuckerberg hardly finished a sentence as U.S. Rep. Kathy Castor peppered him earlier this month with pointed questions about his company's collection of private data. The Tampa Democrat called Facebook's promise to connect famil...
Updated: 2 minutes ago
Hillsborough teacher pay plan will get its “day in court”

Hillsborough teacher pay plan will get its “day in court”

There are two competing narratives when it comes to teacher pay in Hillsborough County:One: That a pay plan, negotiated in the glory days of teaching reform, has bled the district dry."Our district has given our employees more than $200 million in pa...
Updated: 6 minutes ago
Can New Tampa handle nearly 700 more homes? Not without major changes, council member says

Can New Tampa handle nearly 700 more homes? Not without major changes, council member says

TAMPA — New Tampa was built on sprawl. Big houses, often in gated communities with lots of green space, are the operating principle for developing the area Tampa annexed in pieces starting in the mid 1980s.But residents who love the good schools and ...
Updated: 16 minutes ago
Scattered showers, thunderstorms kick off muggy week across Tampa Bay

Scattered showers, thunderstorms kick off muggy week across Tampa Bay

A large, disturbed weather system could drop thunderstorms and scattered showers across Tampa Bay. This is the same system that has caused water spouts and tornadoes to touch down around the Fort Walton Beach area in the Florida panhandle.This storm...
Updated: 1 hour ago
Florida education news: Substitute teachers, school renovations, turnarounds and more

Florida education news: Substitute teachers, school renovations, turnarounds and more

SUBS: Hillsborough County school district officials learned months ago of misconduct by their substitute teacher service. Leaders demanded quick answers and action. Four months later, they've gotten neither.REBUILDING: The estimates to renovate ...
Updated: 1 hour ago
Waffle House customer on why he rushed shooter: ‘He was going to have to work to kill me’

Waffle House customer on why he rushed shooter: ‘He was going to have to work to kill me’

Moments before the first shot, James Shaw Jr. was watching a Waffle House employee wash dishes, stacking them higher and higher. When the first shot was fired, Shaw thought the tower of plates had come crashing down, he would later recount at a news ...
Updated: 1 hour ago
Royal baby on the way: Kate Middleton in labor with third child

Royal baby on the way: Kate Middleton in labor with third child

LONDON — The Duchess of Cambridge entered a London hospital Monday in labor, Britain’s royal palace said. The baby will be a third child for her and husband Prince William and fifth in line to the throne. The 36-year-old duchess and her husband trave...
Updated: 1 hour ago
New lynching memorial offers chance to remember, heal

New lynching memorial offers chance to remember, heal

A new memorial is opening to honor thousands of people killed in racist lynchings
Updated: 1 hour ago

29-year-old chef dies after collapsing at London Marathon

London Marathon organizers say a 29-year-old man died after collapsing near the end of Sunday's race in the hottest conditions ever seen for the event
Updated: 1 hour ago