Burma, already one of the most censored nations on Earth, has recently been knocked off the Internet entirely. Cyber attacks starting in late October have worsened in the last few days, overwhelming Burma's Internet connection just days ahead of its upcoming November 7 elections. Some reports speculate that the Burmese military, anxious to stay in control by restricting the flow of information, is behind the attacks. But they may have an unlikely accomplice -- you and me.
The cyber attacks that are now crippling Burmese networks are known as Distributed Denial of Service (DDoS) -- attacks that work by flooding a host with requests until it crashes. How do they work?
Start by considering that more than 90 percent of the 140 billion emails sent daily are spam. Of these, about 16 percent contain moneymaking scams, including phishing attacks in which e-mail is sent from someone the user supposedly knows and trusts. Once opened, infected attachments download malware onto a host's computer, allowing access to confidential information stored on the computer system. This can turn computers into zombies, which may be linked with millions of other computers around the world to create a "botnet." These botnets then launch DDoS attacks. Which nation is currently the number one source for such attacks, due to its unsecured networks? The United States.
Even though there is not yet any direct evidence that the attacks are emanating from U.S. systems, there are a few simple steps can help keep your computer from turning into a zombie of the Burmese military.
- Install antivirus and antispyware software, like Microsoft Security Essentials.
- Keep all software up to date, especially Windows, but also programs like Adobe Reader, Flash, and Java, which are often convenient backdoors that can be closed through frequent updates.
- Use strong passwords of at least 14 characters, and keep them secret.
- Consider starting with a favorite sentence, and then just take the first letter of each word. Add numbers, punctuation, or symbols for complexity.
- Never turn off your firewall; it's an important software program that helps stop viruses and worms.
- Use flash drives cautiously. They are easily infected --in fact the biggest breach of U.S. military systems to date was due to a flash drive.
- Encrypt sensitive information on your computer with programs like Identity Finder.
- Download a program that can scan your computer for vulnerabilities.
- Be conscious of what you click on, both in emails and on the Web.
And for Mac users, don;t think that you're completely immune. Cybersecurity specialist Charlie Miller will soon be announcing a record-breaking 20 security holes found in OS-X, the Mac operating system.
Cyber attacks are a big and growing problem. In fact, forty-two percent of businesses now rate cybercrime as the greatest threat to their well-being, more than natural disaster, terrorism, and traditional crime combined. Things have gotten so bad in fact that James Lewis of the Center for Strategic and International Studies in Washington, D.C., has said: "We have a faith-based approach, in that we pray every night nothing bad will happen."
But by taking these simple steps, we can all help make it a lot harder for criminals, terrorists, and even some nations from launching the kinds of attacks that are now crippling Burmese systems. So if you want to support democratic reforms in Burma, consider starting off by checking your firewall settings.
Scott Shackelford is an Assistant Professor of Business Law and Ethics at Indiana University-Bloomington. He is also a fellow at the Center for Applied Cybersecurity Research, and the author of the forthcoming book, The New Cyberwarfare: Countering Cyber Attacks in International Law, Business, and Relations.