Watch out for malware suspected of being distributed by North Korea, troubleshooting by an Internet service provider could have led to big trouble and reset your routers.
We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Wednesday May 30th. To hear the podcast, click on the arrow below:
 |
 |
 |
The U.S. Department of Homeland Security and the FBI this week have again reminded computer users and IT administrators to follow best security practices. This follows an alert about two pieces malware believed to be distributed by North Korea. The distribution has been going on for at least a decade, with the malware able to steal passwords and data.
The defences to these attacks are simple: Keep operating systems and software up-to-date with the latest patches. Make sure your anti-malware software is up to date. Scan all software downloaded from the internet before it runs.
Companies need to restrict the permission of employees to install and run unwanted software applications. Disable Microsoft’s File and Printer Sharing service, and make sure passwords are tough and need two-factor authentication.
Internet service providers who give a router to home and small business customers for connecting to the Internet are as responsible for cyber security as you are. And when they make a mistake it can be costly. That was proved recently when a provider in Singapore left a port open on approximately 1,000 customer routers while it was doing remote troubleshooting on the devices. That meant the devices were wide open to a potential attack. When the provider was finished it should have shut the port. A local security firm caught the error and gave a warning.
While it’s responsible for an ISP to do some troubleshooting, its staff had better know what they’re doing. Had this not been caught those routers could have been hacked and used to spread malware. It’s another example of how human error can defeat the best cyber security.
Speaking of routers, owners of certain WiFI routers made by Cisco Linksys, Netgear, TPLink and others are being urged to reset their devices after the discovery that more a half a million devices around the world have been infected. A rest will temporarily disrupt the malware if it’s on the device. The reset procedures will be in your instruction manual. The reset puts the device back to its factory setting. Then you have to log in to its administrative page using a Web browser and change the default password to something tough and safe. Finally, make sure your router has the latest security patches. There’s a link here for more information. UPDATE Here’s another place to go for router reboot advice.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.