Printer Friendly



AS COMPUTER NETWORKS become more pervasive in everyday life, there are more reasons for people to want to tamper with them. Because e-commerce attracts more and more money to the internet, the old-fashioned game of cops-and-robbers now enters the new territory of cyberspace.

A new industry of computer security has given rise to a colorful vocabulary, heavily influenced by science fiction and fantasy writers. There are the Samurai (hackers who hire out for legal jobs unveiling difficult-to-access information) who work for the suits whom they despise. There are the Dark Side Hackers who are out to steal or destroy information. They roam the internet trying to get through firewalls (programs set up to protect particular networks). They risk getting caught in iron boxes or venus flytraps (traps for remote hackers).

Among the "malware" (malicious programs) which can be found on computer networks, viruses are the most feared -- these are programs hidden in other programs which can do all sorts of unauthorized tasks. The Chernobyl Virus, for example, attempts to erase the entire hard drive and disable a key chip in the computer. In some versions of the virus, it becomes active on the 26th of every month, recalling the April 26 date of the Chernobyl disaster.

Also dangerous are worms, self-contained programs which roam the internet looking for systems to break into and disable. The most famous worm incident remains The Great Worm of 1988, (which was mistakenly called a virus in the press). This little program disabled thousands of computers around the country by clogging them up, much to the dismay of its perpetrator, who had not anticipated it would replicate itself so quickly. Although the worst infestations of the Great Worm were cleared in a couple of days, it still occasionally shows up and needs to be dealt with.

There is another piece of "malware" which has started to get headlines -- the Trojan Horse. This is a program which looks like something else, but when it runs on your computer it performs various hidden tasks. Some observers call it a kind of virus, but some Trojan Horses can have worm-like properties as well.

The metaphor, of course, goes back a few thousand years to the end of the Trojan War, when the invading Greeks appeared to give up and sail away from Troy, leaving behind a large wooden horse as a mute offering. When the triumphant Trojans pulled the horse, conveniently provided with wheels, into their city, Greek soldiers hidden inside sneaked out after the party was over and opened the gates of the city. The Greeks came in and slaughtered the unsuspecting Trojans.

The Trojan Horse deception was the idea of the wily Odysseus, one of the Greek leaders. However, Odysseus incurred the displeasure of the Gods, who detoured his trip home for over ten years. His various improbable adventures are chronicled in The Odyssey, one of the great mythic tales of all time. When Odysseus did get back home to Ithaca in Greece, he had to slaughter dozens of suitors who were wooing his wife and eating his provisions. So maybe it is not such a good idea to author a Trojan Horse.

As a metaphor, however, the Trojan Horse imagery works effectively. It captures the deceptive nature of the programs, and calls to mind the problem of hidden elements within the program which work against the purposes of the owner. It also implies that this program is something made by humans, not an organic, natural phenomenon as implied by the virus and worm metaphors.

A Trojan Horse named "Explore.Zip" made headlines in June, 1999. It was first detected in Israel, but in less than a week had spread around the world. It erased files on tens of thousands of corporate computers at AT&T, Boeing, General Electric, Microsoft, and perhaps others. (See Meyerson, 1999.)

This Trojan Horse arrived as an attachment to an e-mail message. The e-mail message came from the computer of someone you knew, and stated "I received your e-mail and I shall send you a reply ASAP. 'Til then, take a look at the attached zipped does." The attached file, named "zipped-files.exe" contained the Trojan Horse. (An "exe" suffix means the file is executable, in other words, a program which will run on your machine.)

Once the "exe" file was run, it would let loose sub-programs which would do several things. It would attempt to erase many different types of files on your computer. It would create a copy of itself, and store it in a particular location. It would attempt to infect other machines through the capacity of some networked machines to share files. (Because of the file-sharing tactic, a networked machine which was cleared of the Trojan Horse might get re-infected within seconds if there was another infected machine on the network.) And "Explore.Zip" would send e-mail messages like the one quoted above to people you had recently received e-mail from. This Trojan Horse was so busy, in fact, that it would clog up local networks, slowing down traffic and creating denial of service in some cases.

Cases like this, where damage to networks is widespread, are hard to get accurate information about. A public relations lid gets clamped down pretty quickly. "Explore.Zip" had its 15 minutes of fame, so it could be exposed and people could be warned, but it is hard to know how much damage it did, to whom, and for how long. Like most "malware," it was directed against Microsoft platforms; in this case, machines running Windows 95, Windows 98, and Windows NT operating systems became infected.

"Explore.Zip" was particularly effective because it came in an e-mail message, apparently from someone the user knew, and therefore trusted. Before this, the security precaution had been "never open attachments on e-mail from people you don't know." But in the fluid and fast-as-light world of internet cops-and-robbers, this precaution could be voided.

A Trojan Horse must be run on a computer by the user before it can work its malicious magic. Many ploys have been used to trick users into executing a Trojan Horse program. One was a false upgrade to Microsoft's Internet Explorer, complete with a message from Microsoft" promising that the upgrade would fix some bugs and update the program. Instead the "upgrade" changed and deleted files and attempted to contact remote systems. Other Trojan Horses come disguised as computer games, which when downloaded and run, perform hidden tasks. One Trojan Horse was even disguised as an anti-virus program for Macintosh computers.

But currently, the big "industry" in Trojan Horses seems to consist mainly of installing secret programs which steal user identification and passwords from America On Line (AOL) users.

AOL security says it has detected hundreds of such programs. In 1999 a Trojan Horse named "Picture.Exe" was discovered. It arrived as an attachment to an unsolicited e-mail message to AOL users. If the attachment was opened and the program executed, this Trojan Horse would gather up the user's identification and password, as well as every e-mail address from all stored e-mail, and a history of where a user's web browser had been.

Then, "Picture.Exe" attempted to e-mail all this information to one of eight sites in China. Why China? No one is quite sure, and the Chinese authorities do not seem anxious to put a lot of effort into investigating. The e-mails are probably remailed from those addresses elsewhere, but you would still think the Chinese would not want their turf used for such a venture. (See Sullivan, 1999.)

Once someone is in possession of your user ID and password, they can log on to a network and pretend they are you for various purposes. Sometimes it is just service time which is stolen, sometimes purchases are made or information is received fraudulently. In any case, privacy on-line is the site of a constant battle, one which frequently spills over the boundaries of cyberspace into the "real" world. The devices and countermeasures are getting more and more complex and sophisticated. The Trojan Horse programs are an ominous escalation of that struggle.

(*.) Raymond Gozzi, Jr., is Associate Professor in the Park School of Communications, Ithaca College, Ithaca, NY. His most recent book, The Power of Metaphor in the Age of Electronic Media, Hampton Press, 1999, contains articles from Dr. Gozzi's columns in ETC, as well as new chapters on metaphor, and is available from ISGS.


For information on these and other Trojan Horses, I recommend the Carnegie-Mellon University Computer Emergency Response Team (CERT) web site, which has information, advisories, and directions to access counter-measures. [less than][greater than]

Meyerson, Bruce. (June 15, 1999) "Worm Digs Deeper in Networks." Ithaca (New York) Journal, 6A.

Sullivan, Bob. (Jan 14, 1999) "Trojan Horse Maps Drive, Lifts Addresses." ZDNet: [less than][greater than]
COPYRIGHT 2000 Institute of General Semantics
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2000, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Publication:ETC.: A Review of General Semantics
Geographic Code:1USA
Date:Mar 22, 2000

Related Articles
Big Mac attack? A wake-up call for OS X users.
Trojan horse disguised as Beckham.
New Trojan horse sends mobile phone spam.
System monitor and Trojan horse infection rates rise in enterprise networks.
Troj/ Bagle D1-L Trojan horse.
Britain warns of Trojan horse computer attacks.
The real threat of the Oompa-Loompa Trojan horse, Intego.
Ransom Trojan horse demands money with menaces.
World Cup wallchart Trojan horse.

Terms of use | Privacy policy | Copyright © 2021 Farlex, Inc. | Feedback | For webmasters