The cat and mouse game continues... Last fall I was witness to a couple of the worst, most vicious virus attacks I’ve seen in my 23 years as owner of Fairoaks. These businesses lost EVERYTHING. Think about that! (They weren’t Fairoaks clients - but they are now).
Unless you’ve spent the last few months on a mountaintop in Tibet, you probably heard about the “CryptoLocker” virus. At this point, that’s pretty much come and gone. The internet service providers and anti-virus companies caught up and a lot of users got a little smarter. Before that the big news was 600,000 Apple devices getting clobbered by a Java virus. Java closed that door. But sooner or later someone will find another security hole there too.
But it’s a cat and mouse game. The crooks are constantly learning, changing and they’re getting more creative and sophisticated. They spend as much, or more, time “social engineering” the attacks than creating the virus.
In the last week I’ve personally seen 2 new security threats that I’ve never seen before, and they had no similarity to each other. Neither threat can be stopped by the service providers, anti-virus companies or anyone else EXCEPT THE USER.
I’ll tell you about one of the threats. The victim was an elderly gentleman who spends a lot of his days on-line trading in his retirement account. His computer was properly protected so no ordinary hacker could break in. But he got a phone call from “a nice man from Microsoft” who was calling from “Kentucky” to let him know he had a problem with his computer. He was directed to a website, asked to click a couple of buttons and in the process he unknowingly gave the attacker full user-granted access to his computer.
There’s no platform that’s immune from this type of attack. Apple, Microsoft, Android, Linux, Unix, etc. are all equally vulnerable if an user grants access to someone else.
The attacker took control of the computer, the curser was moving while the elderly gentleman could do nothing but watch – he was locked out of his own computer.
We cleaned it up; closed the attacker’s entry door, removed everything he installed and added a password to the computer. The user changed his retirement account user name and password. Because it was caught real-time we don’t think there was any permanent damage done.
The lesson here is that, like your own health, the safety of your computer (data, personal/business information, etc.) is largely in your hands. Get educated, do the right things and you’ll minimize your risk.
