• On TechRepublic: Five super-secret features in Windows 7

The Internet Is Infected Video

To play this video, you need Javascript enabled and the latest version of Flash installed. Install Flash now
The Internet Is Infected
Created: 03/31/2009
Video description: Lesley Stahl reports on computer viruses that propagate on the Internet and infect PCs, which enable their creators ? often called "cyber gangs" ? to learn the information they need to electronically rob bank accounts.

The Internet Is Infected Video Transcript

>> The internet is infected. Malicious computer hackers have been creating more and more weapons that they plant on the internet. They call their weapons viruses and worms. They're creepy crawly toxic software that contaminate our computers without our ever knowing it. You can be infected by simply visiting your favorite website or just by leaving your computer on overnight while you sleep. And the problem is growing exponentially. Last year, the number of infections tripled, and an entire industry of computer security professionals is in a race to keep the hackers from their goal, which is usually to steal your money. One of the most dangerous threats ever, a computer worm known as confickr, is spreading through the internet right now. By some estimates, 10 million computers have been infected worldwide. ^ITALIC At Symantec, the company that makes Norton anti-virus software, engineers have been tracking confickr since last November as it worms its way across the globe. ^NORMAL

>> Steve Trilling: This map is showing a visual representation of where all of the known infections of confickr are across the world.

>> This is confickr. ^ITALIC

>> Vice President Steve Trilling says the worm is now living on millions of computers, mainly in corporations. So far, the bad guys who've created it haven't triggered confickr. It's just sitting out there like a sleeper cell. ^NORMAL

>> Steve Trilling: Imagine a network of spies that has infiltrated a country, and every day, all of the spies are calling in for their instructions on what to do next.

>> What's the worm being asked to do?

>> Steve Trilling: That's the interesting thing. The only thing the worm is being asked to do is to ask for further instructions.

>> So we're talking several months, several months, it's just been sitting there.

>> Steve Trilling: That's exactly right.

>> I don't know. I'm hearing Jaws music. ^ITALIC

>> It's that ominous, because once the hackers issue instructions, confickr could turn menacing in an instant. [Mouse click] With one click, the worm's creator could instruct it to suck sensitive data, like bank passwords and account numbers, out of millions of computers or launch a massive spam attack to clog up the works. The newest targets of worms are social networking sites. Trilling showed us how it might work. ^NORMAL

>> So is this a real Facebook page?

>> Steve Trilling: This is a real Facebook page. And we added your friend and colleague, Morley Safer [assumed spelling] you can see down there in the left. ^ITALIC

>> He says a worm can crack into a Facebook account like Morley's and send a message to any one on his friend's list. ^NORMAL

>> We have a message from Morley. ^ITALIC

>> A message I'm sure to open, since it comes from a trusted friend. ^NORMAL

>> Click there, it says, "Ha, ha, ha, check...check out this hilarious video of you."

>> Steve Trilling: That's right, so--

>> Well, I would do that. ^ITALIC I took the bait. And by clicking on the video link... ^NORMAL

>> Steve Trilling: Something looks a little off.

>> Very off. Am I already infected just by that?

>> Steve Trilling: You're already infected.

>> That quickly?

>> Steve Trilling: That quickly. ^ITALIC

>> As Trilling demonstrated on the second screen, the hacker owned me. ^NORMAL

>> Steve Trilling: From here on out, as we'll see, everything you do, gonna show up on the hacker's machine. ^ITALIC

>> So when I typed my username and password into a bank website, it appeared instantly on the hacker's screen, along with my bank account details. ^NORMAL

>> Everything I type shows up here.

>> Steve Trilling: Every single keystroke you hit. In fact, if you make a mistake and hit a backspace, that shows up in the window. ^ITALIC

>> The hacker then followed me around as I browsed the internet. From CBS News... ^NORMAL

>> Steve Trilling: Take a look at what the hacker sees, right? That's exactly where you are. ^ITALIC

>> To Amazon.com. ^NORMAL

>> So if I buy something, they're gonna have my credit card.

>> Steve Trilling: Everything you type in. Your address, your credit card, it's all gonna show up in that window. ^ITALIC

>> The internet has become a mine field. Hackers have hidden their malicious software known as malware on some of the most trusted websites like eBay, the Miami Dolphins football team, even mybarackobama.com. Trilling says too few people have top-notch, up-to-date security software. ^NORMAL

>> There is something that would've prevented me from answering Morley's message or I would never have gotten Morley's message?

>> Steve Trilling: As soon as you clicked on that link and you had security software, you would immediately get an alert, "This is a bad website," and it would've blocked the attack. You would've never been hit. Putting on that software, you're preventing yourself from becoming a victim. ^ITALIC

>> But according to Symantec's own figures, the hackers are inventing 10 to 15,000 new infections every day, designed specifically to get around the latest anti-virus protections. Symantec has to send out updates every five minutes. ^NORMAL

>> You sell this. You sell the anti-virus, anti-worm stuff. How do I know you're not just saying, "Go out and get this" 'cause you sell it? I mean, you know, there's a sort of conflict of interest here.

>> Steve Trilling: Well look, Leslie, in 60 minutes, we are blocking nearly 400,000 threats around the world. If you're going out on the internet and you're not protected, it's like walking out of your house and leaving the door open. ^ITALIC

>> But Mary Rappaport says all the doors on her home computer were locked tight. She had anti-virus software and a firewall. And so she thought she was safe to do he banking online. But then she noticed something odd going on and called the bank. ^NORMAL

>> Mary Rappaport: They told me that three charges in the last three days had been made to my account. One for $3,000, one for $4,000 and one for $1,200.

>> Were you having a heart attack?

>> Mary Rappaport: Well, you know, I had the sense that time was of the essence. ^ITALIC

>> The bank replaced the stolen money and suggested that she merely change her password. That was to be the end of it. But the next day, she was checking her balance... ^NORMAL

>> Mary Rappaport: And I saw $1,000 being moved from my son's savings account into my checking account.

>> You saw it?

>> Mary Rappaport: Right before my eyes. I saw my money being moved. ^ITALIC

>> A hacker was trying to move all her money into one account, her checking account, to make it easier to transfer overseas. Luckily, the bank was able to freeze her accounts before she lost any more money. ^NORMAL

>> Mary Rappaport: I had what I thought were adequate protections. You know, I had anti-spyware software and anti-virus, and I thought I had a good enough firewall. Wrong. My understanding anyway is that they were able to get some sort of a bug onto my system that disabled the ability to update these software programs.

>> The anti-virus.

>> Mary Rappaport: Right.

>> You guys, you want some popcorn? ^ITALIC

>> Mary suspects her teenage sons picked up the bug while downloading from music or game web sites. But it could've come from any number of web sites. ^NORMAL

>> So tell me what Google is actually doing.

>> Vince Surf: To deal with some of these big problems. ^ITALIC

>> Because Google search engine is what most people use to search the net, we went to talk to Vince Surf, one of the founding fathers of the internet, and now a Vice President at Google. The company itself says that one in every 100 Google searches brings up an infected site. ^NORMAL

>> People are blaming Google, 'cause if you do the search, they say, you know, "Google should be responsible if we get infected." And you've heard that.

>> Vince Surf: I think that--I have heard that, and I think that's a very bizarre way of looking at things. ^ITALIC

>> Google's position is that it's not the policemen of the internet, but its engineers do scour the web and issue warnings about malicious infections or malware. ^NORMAL

>> Vince Surf: If we happen to see what we believe as malware on that website, then when you go there, we will pop up a webpage and it says, "We think we found malware on this site; maybe you don't wanna go there."

>> Now, I understand that if you go there anyway, Google sends you a second warning saying, "Are you serious? We just told you not to go there." Something like that.

>> Vince Surf: Of course, people still go, and at that point, it's their problem.

>> You know, the more you hear about this, the more you feel that if you bank online, shop online, open some--open an email, I mean, that almost anything you do puts you in jeopardy.

>> Vince Surf: Actually that's a true statement, that there are things, bad things can happen. On the other hand, I've been on the net ever since the net started, and I haven't had any of the bad problems that you've described. ^ITALIC

>> But tens of millions of people have. One in four Americans, according to recent reports, as the hackers get more and more sophisticated. ^NORMAL

>> I'm told that you're a hacker hunter. Is that correct?

>> Don Jackson: That's a good way to put it. ^ITALIC

>> Don Jackson is Director of Threat Intelligence at Secure Works in Atlanta, which protects corporations against cyber-attacks and tracks the hackers who launch them. ^NORMAL

>> Don Jackson: Part of my job is to know the enemy, to know our adversaries.

>> So the enemy is a hacker?

>> Don Jackson: That's right. The enemy is somebody that wants to use computers to hurt somebody else or to make money for themselves. ^ITALIC

>> Using an assumed name, Gozi, Jackson infiltrates chat rooms where hackers sell their worms and viruses to their clients, other hackers. He asks for a demo so his company can create software to disable the malware. The hackers, he says, are typically young, male and often from Russia. ^NORMAL

>> How do you track them down?

>> Don Jackson: Well, they're like any other business. They have to advertise to get clients.

>> You're saying that the hackers have ads?

>> Don Jackson: Yes.

>> On the internet?

>> Don Jackson: On the internet, publically available.

>> No.

>> Don Jackson: Unfortunately, they're all to easy to find. ^ITALIC

>> On websites like this one. He says many Russian hackers are in cyber-gangs that display fascist symbols like swastikas and anti-American artwork. And they boast about all the dollars they've stolen from the rich Americans. A single hacker can make $30,000 a month and be championed in local newspapers. ^NORMAL

>> Don Jackson: There was an example recently where two boys were arrested actually and then let go the next day. But the article in the newspaper wasn't that they were arrested, that they'd committed a crime, but saying, "Look at our two local boys made good; they cheated some greedy westerners out of so much money."

>> They're heroes.

>> Don Jackson: They are. ^ITALIC

>> It's not known who's behind the computer worm, confickr, whether it's a gang of Russian hackers or some solitary evil genius. This worm is wily. It keeps mutating. Security software companies have been kept very busy. ^NORMAL

>> You're locked out, eh? ^ITALIC

>> But confickr can jump over protections. While we were reporting this story in early March, we were stunned to learn that the wily worm had struck us, right here at CBS News. ^NORMAL

>> Louie Palez: People were having problems with their Blackberrys, their log-ons. ^ITALIC

>> Louie Palez, a network engineer, says confickr is so aggressive, it took technicians here 24/7 over ten days to hunt down and quarantine the affected computers. ^NORMAL

>> Do you actually know where it started? Can you pinpoint it?

>> Louie Palez: We really will probably never know exactly how it infected the network. We just know that once it hit, it began to propagate. ^ITALIC

>> CBS News has now contained the infection, but Palez says confickr could still be hiding undetected somewhere within the network. ^NORMAL

>> Did you think CBS was safe? Was that in your head? "We're safe"? Or did you think this could happen.

>> Louie Palez: No, I pretty much thought that we were, you know, pretty solid. You try to secure a network, but there's no guarantee that somebody can't come up with something that will, you know, wreak havoc. ^ITALIC

>> Confickr investigators have been talking about an April Fool's attack because in dissecting the worm, they can see it's been programmed to receive new instructions on April 1st. But nobody knows if the instructions will be benign or something that could disrupt the entire internet. ^NORMAL ^M00:12:28 [ Ticking ] ^E00:12:33

CNET TV
Site map
Blog
Podcast Central
CNET Live
Buzz Out Loud
The 404
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET