Mar 16

Security fail

 
Rochester & Associates Ltd

How secure is YOUR pc?

One of my clients was hacked the other day – well, when I say ‘Hacked’ I mean that they had someone go onto their PC without authorisation. :pirate:

In fact they were not hacked as such, but their old IT guys had left a HUGE security hole in their system for ‘convenience’ – NEVER a good idea! What a stupid thing to do!!
This was then exploited (as you might expect), and some stuff was ordered via their online accounts (Amazon etc…).

Once the person was into the network they garnered more information from the connected PCs and tried to order stuff with the accounts that were on other PCs.

Fortunately the client’s mum called her to ask about an email that popped up (at 04:00 in the morning!) and the client caught the person dialled in to the PC and dumped the connection – she then managed to check the history of the intruder and contact the people that things were ordered from.

It’s looking like she was spectacularly lucky!! The people who were contacted have stopped the orders and things are looking like going back to normal – with the exception of some cancelled cards that is! :thumbsup:
This could so easily have been much much worse.

In this case it’s looking lots like some clown connected to the machine and simply used the existing details on the PC to order stuff – it’s a good thing too – a more savvy intruder would have left all sorts of Trojans and back-doors so he/she could simply walk back in later and do the same again, with the new cards and accounts etc…

Suffice to say the fraud squad are doing their thing… :cop:

I’ve done a complete scan and clean up and am as sure as I can be that there is nothing left in the wake – I think the interruption stopped any long term damage happening.

I guess the moral is that you never know just how secure you are – you can only do the best you can, and hope it never happens…


Mar 1

System Doctor – spyware alert

 

There's some more nasty spyware out there at the moment - be vigilant

I have spent most of the last couple of days sorting out some particularly nasty spyware infections. :devil:

Quite literally there have been clients queueing to get their machines cleaned of this little bit of nastiness.

It manifests itself as a spyware scanner called ‘System doctor’ and seems to perform a scan of your PC, resulting in many ‘infected’ files – it also changes your desktop wallpaper to a screen saying something about files not being deleted from your PC.

DO NOT BE FOOLED – this is a simple spyware infection and can be removed using freely available tools!

In our case, the clients involved ALL had contracts covering these types of eventualities and the removal procedures cost them nothing more than their machines being inaccessible for an hour or so.

We offer a simple clean-up service for a £75 one-off fee, a small price to pay for safeguarding your PC/Laptop :angel:

This spyware seems to be infecting people’s machines from legitimate websites so make sure you don’t agree to anything trying to run on your PC unless you know what it is.

Here’s the shameless marketing bit:

If you get infected – CALL US!!! 0845 634 0599


Jan 25

PCI compliance – what a PITA

 

PCI compliance - a helpful check on website security or a money making scheme?

For those not knowing the Internet Acronym used in the title look here: Wiktionary :tongue:

So I have a few clients with online stores of one type or another, mainly they trade as an online arm of an existing business, though this isn’t the case in all circumstances.

For those not knowing the process to get an online store – it entails getting a merchant ID (something the banks will say they can sort in about 5 days, though experience tells us it takes on average 6-10 weeks! :w00t: ).
Part of this process is the security of the websites – something which I believe most online businesses should take more seriously – Enter the PCI Compliance system.

This is a system which simulates a site infiltration via several known methods :pirate:  - and gives a report that indicates the level of security that the site has. On the face of it a good thing…

But…

Firstly, the tests that are performed can (and do) fail in their execution, on some sites.
This may mean that, even though the security may be above and beyond the level required for compliance, the site will get a ‘failed’ rating because the tests cannot get in.

Surely this is the point, if you cannot get in does that not indicate a secure site? :???:

Secondly, the tests require that some access points to sites (such as those used by known management systems) must be disabled.
This means that common systems used to control and configure systems cannot be used (the router that connects you to the outside world usually has a web-based control panel accessible externally; to pass, this must be disabled).

This makes my support to the clients EXTREMELY difficult if I cannot connect remotely to their systems. :mad:

This all makes sense when you realise that, even though PCI compliance is NOT required, nor even recognised by some providers, the banks will charge you a monthly fee if you are not compliant…
Believe me when I say that it’s VERY easy to be ‘Non compliant’

Call me a cynic if you will! :angel:


Jul 29

Unlucky thief

 

Let's hope the unlucky thief accidentally fell down several flights of stairs repeatedly

Time for another “Donkey Award”…

This made me laugh:
San Francisco’s unluckiest thief

It seems that some idiot riding a bicycle decided to grab an iPhone that was being held by a woman on a San Francisco street. This he did and sped off down the road… :ninja:

Unfortunately the thief didn’t know that the iPhone was being used as a test for some real-time tracking software – what are the chances eh?

The woman rushed into the office (the incident happened just outside), reported the theft, and the IT guys calmly directed the police exactly to where the thief was located. :cop:

Ha!

“You’re nicked sonny Jim…”
“Clap him in irons – you’re goin’ dahn son”

:thumbsup:


Nov 9

Worm strikes Aussie iPhones

 
A worm (malicious code) infects iPhones in Australia

Worm attack bites at Apple iPhone

Now I’m not one to be smug (!), but when people ‘claim’ Apple computers are more secure than the generic Windows PC, I like to point out simple facts like the above.

ALL computers are prone to malicious attack from viruses / worms / hacking etc…
It’s just the size of the target you offer that changes.

The article does say that the malicious code only affects ‘jail-broken’ iPhones (that is to say ones that have had the Apple security stuff removed in an attempt to run apps), but that it exists at all is a worrying thing.

As evidenced by a client recently, people in general are ignorant of both the threat, AND the potential harm things like this can cause.
The old argument we constantly hear is “but why would they WANT my data?”.
The answer is simple ~ because they can!
It’s not a case of wanting to target Joe Bloggs’ company as such (though sometimes it IS), but if you leave the door open, someone will come around sooner or later. That they can’t find anything of value is irrelevant; if they can cause some change/damage, then that is reward enough.

Now I don’t claim to be a network security guru, but the client in question watched me crack their WEP (Wireless Encryption Protocol) password in about 3 minutes from a standing start ~ slow by some standards! (BTW I DO know a security guru ~ call me!). Suffice to say they were a little taken aback at the lack of security on their systems, more so when I told them what was possible once this little hurdle (the WEP key) was out of the way.

It’s possibly poetic justice that the people who wish to remove ‘protection’ from their systems get infected, but sometimes it’s those very protection systems which cause the most problems ~ the Symantec protection software springs to mind. This is the main reason people remove them; if they cause more issues than a ‘potential’ threat, why bother? Surely it’s worth taking the risk if it might never happen??
A glowing example of false economy if ever there was!

One would also think that the urban myth of Apple equipment being secure was also a contributing factor in the propagation of this worm. People believing that the iPhone, being of Apple origin, was immune to such threats. :oops:

I would think it’s only a matter of time before we see something truly nasty hitting the iPhone specifically, but also some of the recent smart phones too.

Watch this space…

