While software that can be installed on your PC and used to remotely connect when you are away from your home office can be very handy, it also comes with risks that may not be apparent at first.
Various products exist to allow you to access your computers remotely, including TeamViewer, GoToMyPC, AAA PC Remote Control Software and several others.
If not setup properly and securely, many of these products can leave your PC open to external hackers or malware that could potentially get into your PC without your knowledge— and possibly steal your data or do damage to your system.
One of the main issues with any product like this is that many use a password to protect the remote capabilities, and some users choose to re-use passwords that they use for other systems including bank accounts, social media accounts, etc.
Most recently – there is a great deal of press about the issues over at TeamViewer and GoToMyPC.
According to a recent CSO Magazine article posted at: http://www.csoonline.com/article/3078000/security/teamviewer-users-reporting-unauthorized-access-hack-suspected.html, “Several TeamViewer users have reported unauthorized access over the last few days, leading some to suspect that the remote connection company has been hacked. The unauthorized access reports started showing up on Reddit around the same time that the company suffered possible DNS issues that triggered an outage lasting for several hours.”
A response from TeamViewer stated: “TeamViewer experienced a service outage on Wednesday, June 1, 2016. The outage was caused by a denial-of-service attack (DoS) aimed at the TeamViewer DNS-Server infrastructure. TeamViewer immediately responded to fix the issue to bring all services back up.”
What is not completely known yet is how this reported DNS outage for TeamViewer may have affected the users of the product (if at all), and if this incident is related at all to the reports from users having their information and accounts compromised.
And in a notice from GoToMyPC over the weekend of June 18, the company said, “Unfortunately, the GoToMYPC service has been targeted by a very sophisticated password attack. To protect you, the security team recommended that we reset all customer passwords immediately. Effective immediately, you will be required to reset your GoToMYPC password before you can login again.”
The company also recommended implementing two-factor authentication. The details of the breach are unknown at this time.
So how does this affect you?
If you use any remote access software on your computer, you should immediately check the security of how it is setup. First and foremost, if you no longer need to use the remote access software, then remove it. If you are unsure if it has been setup securely or not – then remove it you can consult with someone that can help you get it setup securely.
If you have to continue to use the remote access features, then you should be sure that any passwords you may be using are unique and very strong and that you are not using the same password for any other systems or accounts.
I don’t use remote access software at home, but it is used at my company – so how can I protect my company?
If your company uses remote access software for vendors or employees, it should be secured and very restricted to only those users that absolutely need to use this method of connection. Remote capabilities should be reviewed at least annually to ensure that orphaned accounts do not remain.
Another thing that you can do to protect other users at your company and your corporate data is to ensure that you have a good firewall in place and that activity through your network is monitored for unusual activity. The last thing you need is to have a hacker or rogue employee with remote access to your network and private data without that activity being detected. Incidents like this should hopefully be shut down before any damage can be done.
Managed network security firms such as Netsurion can secure your company network and ensure that things like remote access software are not even allowed through the firewall and, therefore, not able to be used as an access point into your computer and your company’s sensitive data. They can also monitor other activity that is allowed in and out of your network to ensure that no suspicious issues are seen and not responded to.
The bottom line is this – if you don’t need to have remote access software on your computer, then take it off and don’t use it. If you do have to use it – be sure that it is set up securely and that the activity for that program is somehow logged and monitored.
[su_box title=”About John Christly” style=”noise” box_color=”#336588″][short_info id=’74022′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.