Philippa Murray Philippa Murray
1 - Main Street
1 - Main Street
- No tags were found...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
TechSpot<br />
More Adventures with Computer Security<br />
Steve Friedman (Vice President, COO, TECHSPA) - Main Street<br />
Last month TechSpot covered some “adventures”<br />
with insidious malware, techniques to keep safe from<br />
infection, and if you are unfortunate enough to get hit<br />
with it, some ways for it to be removed. Since then,<br />
I’ve received so many calls and questions that I felt compelled to continue. In this<br />
follow-up, I’d like to start by mentioning some additional security vulnerabilities<br />
and exploits that are not secretly injected into your computer over the Internet.<br />
Instead, telephone scam artists, trying to enlist your cooperation in compromising<br />
your own security, attempt to breach your safety. I have personally experienced<br />
these attempts. Just the other day, I got a call from Gord Savery (thanks Gord!)<br />
reminding me about these calls. Here’s the scenario: someone calls claiming to be<br />
from a well-known computer company, a software developer such as Microsoft, or<br />
a security software company, like Symantec. They say they’ve noticed “dangerous<br />
activity” or have “seen many errors” coming from your computer and they ask<br />
you to allow them access to remotely “fix the problem.”<br />
These characters actually have no knowledge of what’s on your computer, nor<br />
do they have a connection to your computer, yet! They’re attempting to get you<br />
to provide it for them. Once you let them in, if you’re gullible enough, they can<br />
then have their way with your computer. Let’s get this straight! Unless you’ve<br />
contracted with somebody to remotely maintain your computer, no one should<br />
have access to see anything on your computer over the Internet. That’s what<br />
firewalls are for. Most modern operating systems are set, by default, to block<br />
incoming connections. Unless you really know what you’re doing, don’t change<br />
these settings and open connections from outside.<br />
Here’s another non-viral vulnerability. When your Wi-Fi router is installed,<br />
most installers commit a very serious security error. The mistake is forgetting to<br />
properly secure the router’s administration settings. Your wireless Wi-Fi network<br />
access may have a secure password to prevent unauthorized wireless access<br />
to your network, but access by a wired connection, as with an Ethernet cable<br />
plugged directly into your router, doesn’t require a password. This administrator<br />
configuration is critical, but often left installed with its factory settings. Since<br />
the factory settings are widely available for tutorials on the Internet and easily<br />
located, access to this most vulnerable part of your router is left wide open. With<br />
wired, or an unprotected “guest access,” your administration configuration page<br />
allows anyone to gain control or even reassign whatever passwords you’d created.<br />
The most popular routers come from the factory set with Admin as the username<br />
and Admin as the password (or some variation, like blank user name or<br />
“password”). The instructions don’t make it nearly clear enough, how critical this<br />
setting is. And the Quick-Start guides hardly ever mention it. It’s actually more<br />
important than the password for your wireless connections since control of your<br />
router configuration allows an administrator to establish a remote connection over<br />
the Internet at any time.<br />
Last but not least, one more horrible exploit I forgot to mention is a nasty, little<br />
package that comes to you via the Internet. Once your computer is infected,<br />
several separate programs start their work. All of a sudden, your computer is<br />
hijacked and displays a message claiming to be none other than the RCMP,<br />
notifying you that they have detected that you have downloaded illegally obtained<br />
copyrighted material such as music or video, OR, downloaded child pornography,<br />
or something else illegal to have on your computer.<br />
This notice is obviously tailored to scare you into immediately paying a ransom<br />
to free your computer. It directs you to pay a $100 fee through its window, by<br />
credit card, in order to release your computer. Sadly, after submitting payment,<br />
your money and identity are stolen while your computer is still locked from your<br />
access. Multiple pieces of special anti-malware software is required to adequately<br />
remove all the parts, which unless completely removed, will automatically<br />
reinstall when you restart.<br />
If you’re currently experiencing any of these threats, it’s time for attention and I’d<br />
be glad to help.<br />
If you would like to access my previous articles, please go to www.facebook.com/<br />
techspa.inc/notes or http://themainstreet.org/previous-editions.html<br />
If you have any questions regarding the topic of this article, please call TECHSPA<br />
at 450 227-4118 or email info@techspa.ca.<br />
May 2013<br />
13