The dangers of remote access software, a bank is punished for getting hacked, and more tips for Cyber Security Awareness month.
Not all malware is spread by email. Some attackers look for exposed doors, called ports, on your computer. The ports are in the software that lets your PC communicate over the Internet. According to SecurityWeek, a security researcher just tripped over an old FBI document that explained how an American infected a lot of Macintosh computers over 13 years by scanning the Internet looking for those open ports. Then he’d try hacking into the computers, hoping the software had weak passwords. One of the applications the attacker exploited was remote access software, which I recently told you about. It’s supposed to help IT support staff connect to your computer when you need assistance. But if it isn’t configured right it could be used against you. This is another reminder to have up to date security software on your computer – even if it’s a Mac. And if you need remote access software on your PC, make sure it has a strong password. By the way, the American has been charged and is now before the courts.
Do you use Foxit for reading and editing PDF documents? Make sure you’ve updated to the latest version, which has a number of important security fixes.
Some companies get away with poor security unpunished. But in Britain a regulator has fined retailer Tesco, which runs its own online bank, the equivalent of $27 million after hackers stole almost $4 million from 20,000 customers over 48 hours in 2016. In its decision, the regulator noted the company was given a very specific warning, but it didn’t act until too late. Tesco Bank co-operated with the investigation, which helped cut the fine.
Finally, For Cyber Security Awareness Month I’m passing along tips to help you be more secure online. One place you can look for help is the new Canadian Centre for Cyber Security, the Canadian government’s one-stop hub for advice to the general public and business
You can find it at cyber.gc.ca. If you click on a headline called ‘Information and Guidance,’ the department’s blog, the latest security alerts for products and research studies are available. Under ‘Publications,’ there are links to reports helpful to citizens as well as business – for example, the Top 10 IT Security Actions to Protect Internet-Connected Networks, and advice to travelers carrying mobile devices.
Want more? A number of security vendors run a website called StaySafeOnline.org. There’s a section aimed at consumers called ‘Stay Safe Online,’ and one for businesses called ‘Keep My Business Secure.’
The Anti-Phishing Working Group, set up by makers of security products, has a site with a lot of consumer advice. Go to www.antiphishing.org and click on Resources.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.