Fears Raised over TeamViewer Hack

Security,
27
Jun 2016

unnamedRemote software has been vital for conducting online meetings and sharing desktops for years, but one of the most popular, TeamViewer, keeps getting hacked.

TeamViewer has regularly been the go-to option when it comes to businesses communicating online with colleagues, customers and technical support teams. Naturally, the procedures behind using remote software require a high level of trust.

And that’s why it’s worrying that a program which already asks you to relinquish control is at risk of being hijacked itself. This is potentially very troubling for businesses, so I’m going to take a look at what’s happening with TeamViewer.

TeamViewer Hack

The first rumblings of a hack emerged at the start of June when a disturbingly high number of TeamViewer users found that their PayPal accounts had been accessed. This was achieved by hijacking the users’ web browsers and accessing webmail and PayPal where users where still signed in.

What’s particularly worrying here is that many users reported having high levels of security in place. Even two-factor authentication (a gold standard of security) was not enough to stop the hijack taking place. Some of the hackers’ targets were lucky enough to be at their PC when the attacks took place, so were able to disconnect or revoke privileges, but others were not so lucky.

TeamViewer has not been keen to accept any liability for the attack. In fact, they have pointed the blame at their users re-using their TeamViewer login credentials on other websites which have then been hacked. However, it remains curiously strange that TeamViewer’s website went down for three hours at the height of the attack.

TeamViewer have since released a statement which confirmed their website outage, but claimed this was down to a denial-of-service and not a security breach.

TeamViewer’s Response

ximg_574f98a4ce746.png.pagespeed.gp+jp+jw+pj+js+rj+rp+rw+ri+cp+md.ic.Q8u1TYoCvPDespite TeamViewer not wanting to take any responsibility, they have since released two new additions to their software to increase security:

  1. Trusted Devices – By activating Trusted Devices, users are given the ability to approve any new device which is trying to connect to a TeamViewer session.
  2. Data Integrity – This feature is particularly clever as it monitors for any unusual behavior within the TeamViewer session. And, if this is detected, TeamViewer will not allow the session to continue without users resetting the password.

These are certainly useful features, but given the precious nature of remote sharing software, many users are wondering why these were not in place already.

Login Credentials Theft

Although many TeamViewer customers are upset over the company’s reluctance to accept any responsibility, TeamViewer may have a point about the theft of login credentials.

Just recently, a hacker has been trying to sell a mammoth database of stolen login credentials totaling around 640 million passwords. This is a major security threat and highlights the importance of protecting your passwords.

The best advice I can give, regarding passwords, is to remember the following:

  • Don’t reuse passwords on different accounts
  • Do not write down or tell other people your password
  • Use two factor verification wherever possible

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Insiders: How to Tackle Your Biggest Security Threat

Security
07
Jun 2016

Insider_Threat

There’s a lot written about the wide range of external security threats to your business, but what about internal security threats? Do they exist?

Yes, they most certainly do! Your staff – or insiders as they’re known – pose the biggest security risk going for your business. Whilst there can be malicious intent on the part of insiders, the threat is more likely to come from an innocent mistake.

It’s crucial, therefore, that your business doesn’t allocate all its security energies purely on external risks. Instead, you need to make sure that there’s a well maintained program for monitoring the activities of your staff as well as educating them.

In order to understand these security threats and minimize their chances of occurring, I’m going to discuss the security phenomena of insiders.

Who Is an Insider?

The most important thing to note about insiders is that they’re not necessarily drawn exclusively from your pool of employees. What actually defines an individual’s status as an insider is whether they have access to your systems and data.

Now, whilst this immediately points towards your employees, it also indicates that the following individuals can be considered insiders:

  • Contractors such as IT teams and cloud suppliers
  • External auditors
  • Visiting customers accessing your Wi-Fi connection

Naturally, this opens up your businesses data to a large number of insiders who can pass easily in and out of your system.

What Risks Does an Insider Pose?

email_attachments

Once an insider has access to your system there is a potentially huge list of activities they could carry out to breach your security and leave your data in a precarious position.

The actual nature of these breaches may seem relatively crude and simple, but they can have a particularly devastating effect. Say, for example, you keep a monthly spreadsheet of all your dealings with clients, wouldn’t it be an absolute nightmare if it fell into your competitors’ hands?

With a malicious insider at work this nightmare could soon become a reality with just one email attachment.

Of course, there still remain more sophisticated security breaches that can be instigated by an insider. Malware can be installed through USB sticks which can leave your network at the mercy of trojan horses, ransomware and potentially crippling system crashes.

And we can’t forget the good old fashioned carelessness of human error. It’s very easy for a naive employee to fall for an email scam and disclose sensitive details such as logon names and passwords, so this remains a major security risk.

Tackling the Threat of Insiders

Thankfully, businesses aren’t helpless in the face of insider security threats. In fact, they’re some of the simplest security breaches to prevent. Let’s take a look at what you can do:

  • Monitor abnormal behavior of employees such as accessing data and areas of the network not associated with their job role
  • Impose a strict level of access to third parties working on your network and ensure their activity can be monitored
  • Allocate access permissions based on employee roles in the organization to minimize the number of people accessing secure data
  • Prevent the usage of unauthorized external devices on your network e.g. employee’s personal USB sticks

Keeping the Insiders Out?

Now, it may seem as though this article points the fingers at your employees and third parties whilst screaming “DANGER!” but this isn’t the case! What I want to do is make you aware of how important it is to protect your business from all angles. The threat may come externally or it may come internally, but either way a threat is a threat and it’s crucial you counter all of them.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More