 |
| Image from Pixabay |
Alarm!
Nine viruses were found on a user's laptop! The virus scanner actually had too
little information about a few of those infected files, but about several
others it reported: we have already seen this file with hundreds of customers
and we are pretty sure that the file is unreliable. Fortunately, the scanner
has quarantined the files and they can no longer do any harm. The fire was
extinguished before it could really break out.
We
usually do not lose sleep over these types of reports; we see them dozens of
times a week and they are neatly handled automatically. Exactly as a virus
scanner should do. 'Virus scanner' is a somewhat old-fashioned name, which I
only use here because it is commonplace. 'Malware scanner' is already better,
because the term encompasses more than just viruses: malware is the contraction
of 'malicious' and 'software'. In addition to computer viruses, the term
malware also includes keyloggers (which secretly record your keystrokes),
spyware (collects information about you), and backdoors (allow a hacker to
illegally access your system), to name a few. Vendors nowadays like to talk
about an 'endpoint protection platform' and by that they mean the protection of
all end-user equipment in an organization – not just laptops, but also tablets,
smartphones and printers, for example. The computer industry likes old wine in
new bottles.
Anyway,
for one reason or another, those nine reports caught the attention of a
colleague, who decided to call the user in question. The reports implied that
the infected files were on a USB device, but the user claimed, hand on heart,
that he did not have a USB stick in his laptop. After some further questioning,
it turned out that he had connected the laptop to a screen at home via a KVM
switch (with a KVM switch (Keyboard, Video, Mouse) you can connect several
computers to one screen, keyboard and mouse; you can easily switch between the different
computers). But there was no USB stick in that KVM switch either. Finally,
after some research, it turned out that the screen itself also had a USB port,
and there the virus-infested USB stick was sitting.
The
incident nicely illustrates that the truth is not always on the surface. If you
were to rely solely on the information provided by the scanner, you would
conclude that there is a USB stick with infected files in the laptop. And if
the user says that's not true, you don't believe him. Whereas in this case the
user was in good faith and patiently cooperated to assist my tenacious
colleague. Unfortunately, we don't know how that infected USB stick got into
the monitor.
There
is one other thing that needs attention here. There are quite a few devices
that have USB ports. Traditionally we know them from computers, but screens can
also be equipped with them, and our TV, which is connected to the Wi-Fi network,
also has a few. With these types of devices, they are usually located at the
back and are therefore out of sight. This offers opportunities for people with
less good intentions: in an unguarded moment they can simply insert a USB stick
that contains software that you would rather not have at home. Now the employee
in question was not authorized to use USB sticks, but the USB stick was seen by
Windows.
It calls
for vigilance. Do you always know exactly where you connect your laptop? And
what's behind that, and what's on the backside? What do your housemates do with
equipment that you also use for work? It can do no harm to make them aware that
USB sticks can contain malicious files and that they should always be scanned
before opening the files. This is not only in the interest of you and your
housemates as private users, but also in the interest of your employers in the
case of shared use of equipment. Everyone in the house should take that into
account.
There will be no Security (b)log next week.
And in the big bad world…
This section contains a selection of news articles I came across in the
past week. Because the original version of this blog post is aimed at readers
in the Netherlands, it contains some links to articles in Dutch. Where no
language is indicated, the article is in English.
- Of course there is also malware for your Mac.
- a supply chain chain reaction has taken place.
- China spies on us on a large scale, including digitally. [DUTCH]
- the British fear spyware and hacking mercenaries.
- the Dutch Football Association is struggling with a ransomware attack. [DUTCH]
- routers also need to be cleaned before they are scrapped.
- cybercriminals trade in stolen accounts for ChatGPT.
- employees put confidential company information in ChatGPT.
.jpg)
No comments:
Post a Comment