October 4, 2000 – On Friday the Computer Emergency Response Team (CERT) warned that the Internet is on the verge of turning into a virtual Night of the Living Dead.

According to CERT, unknown intruders have seized control of hundreds of computers on the Net and are poised to execute a devastating strike against the virtual skyscrapers of Ditgitopolis. In one incident, CERT officials identified at least 560 hosts that were unwittingly serving as part of a Tribal Flood Network – a virtual-network that allows one hacker to control an army of "zombie" computers, the combined bandwidth of which can be turned on a single Web target.

CERT reported that the situation "poses a significant threat to Internet sites and the Internet infrastructure as a whole," and that the intruders are in a position to launch a series of devastating attacks similar to the DoS assaults that brought down Yahoo!, eBay, and CNN last February.

The announcement came amid the ominous tones of an equally disturbing report issued by the General Accounting Office (GAO), stating that security of the nation's air-traffic control system has been compromised because the Federal Aviation Administration (FAA) failed to conduct background checks on 28,000 contractors and computer experts hired to deal with Y2K.

Though damage control experts in the Administration responded by stating that no breaches have been reported, and no mission-critical systems are at risk, these unnerving revelations, combined with other high-profile insurgencies, are turning the term "Net-Security" into the most ironic oxymoron of the 21st century.

A survey conducted by the FBI's Computer Security Institute stated that computer-related crimes will cost the US over $266 million this year – a more than 100-percent increase over last year – and CERT reported almost 9,000 "breach of security" incidents in the first half of 2000, versus a total of 9,859 for all of 1999.

Digital deviants demonstrated last week that nothing in the Information Age is sacred by shamelessly violating The Mouse. Disney officials reluctantly reported that a hacker broke into the computer system of Epcot Center's Leave a Legacy program and downloaded the names, addresses, and photos of 1,200 program participants. Network Mousketeers replaced the computer's firewall as an extra security measure, but the following morning found that The Mouse had been ravaged again.

Hackers also swiped the credit card information of 15,700 Western Union customers while the site was exposed during maintenance last month, and Digital:Convergence – maker of device called CueCat – lost the personal information of 140,000 members to unknown hackers. Digital:Convergence responded by mailing apologies to the victims.

Though hackers who crash popular sites or wantonly steal credit cards attract a great deal of media attention, they are merely small-arms fire along the DMZ of the cyberian frontier. The real cyber-war, is being waged in the top-secret world of corporate "Netspionage."

The undetected theft of confidential information from a corporation by competing corporations is, according to some observers, the most rampant and costly area of crime on the Net today.

For obvious stock-related reasons, corporations are not inclined to discuss the degree to which Internet infiltration occurs, but in a survey conducted by the Computer Security Institute, over half of 600 surveyed companies said they felt their competitors were responsible for launching some form of cyber-attack against them. Unlike the juvenile, occasionally amusing, cases of Web site defacement and credit card fraud, these incursions cost corporations millions of dollars and are carried out by highly skilled professionals who are rarely detected, let alone caught.

If this doesn't give you pause before logging-on to the Net, or hopping that last-minute dollar-saver flight to Vegas; if you still think it's just about the "big guys" and that you'll be safe as long as you keep your head down in the transistor-trenches; don't forget that hackers are not the only ones in cyberspace you have to worry about. Indeed, state-run security organizations take their job very seriously and have been quietly monitoring your Net traffic for years.

Echelon: a massive New Zealand-based surveillance network run by the combined intelligence services of the U.S., U.K., Canada, Australia, and New Zealand, is considered "the world's most extensive spy system for nonmilitary targets." The organization has deployed eavesdropping programs at critical nodes on the Internet, and regularly scans up to 90 percent of all Internet traffic, including e-mail and chat text, searching for keywords that might indicate illegal activity. And, though Echelon is by far the biggest, it's by no means the only electronic surveillance group in the world. The FBI uses a super-fast computer known as Carnivore to scan Web and e-mail traffic, England's MI5 announced plans to spend $36 million to build a similar facility, and most ISP's in Russia are required by the state to run monitoring software on their servers.

Further proof that "Big Browser is watching" was provided last week by Georgi Guninski, a Bulgarian computer analyst and self-described bug hunter, who announced the discovery of a security hole in Microsoft's Internet Explorer 5.5 that could allow a malicious programmer to steal every file to which a user has access and send it to an arbitrary server.

In addition, the Privacy Foundation sounded an alarm on the increasingly widespread use of a digital-surveillance tool known as "web-bugs." These tracking devices, unlike standard cookies, are invisible and can't be controlled or disabled by the user. They occur on web pages and in e-mails as clear graphics (a microscopic one-pixel by one-pixel in dimension) and clandestinely transmit information about the viewer back to the host.

So what is a surfer to do when faced with paddling out through the perilous spy vs. spy, bug eat cookie, zombie-infested waves of the World Wide Web?

It's probably best to heed the words of Kevin Mitnick, infamous for being the first hacker to have his mug on an FBI "Most Wanted" poster, when he warned IT managers at a conference last week that "it's not a matter of if you're being watched, it's a matter of when, how much, and by whom." In short, he recommended privacy concerned Netizens adopt the mantra: "In God we trust. Everybody else is suspect."