Technology: Trojan Virus Enters Via Backdoor – Tales of Malware

Once upon a time my blog became infected by a trojan virus that had penetrated my data via a back door on my network. The result of this attack caused my blog to continually replicate itself and absorbed a colossal amount of server space which sent my hosting bills sky high. In the end I had to rent a geek to fix the problem and move my blog onto a secure hosting platform with regular and vigilant security checks to prevent a re-occurrence of the catastrophe, which absorbed time I couldn’t afford to spend on a problem I could have prevented. Not to mention the inflated hosting bill I had to pay.

Cyber chaos caused by stealth malware infections, targeted and undetected, that penetrate via a back door, also known as a watering hole, can leave a blog vulnerable and polluted. A watering hole attack scenario is designed to ruin an administrator’s day, maybe even their career, and cause enormous disruption to the target. The threat occurs when a specifically selected, frequently visited website used by the target’s members has an exploit inserted, which results in a malware infection.

A watering hole attack is one in which an assailant wants to attack a certain group (organisation, industry, or region).

There are three phases:

  1. Through research and observation, choose websites the group uses frequently.
  2. Infect these websites with malware.
  3. Patiently wait until a member of the targeted group becomes infected.

Reliance on the websites trusted by the target renders the strategy efficient even with targets that are resilient to spear phishing and other forms of phishing.

It’s possible that watering hole attacks can enable attackers to execute commands on infected servers, including spying on and monitoring the activities of the target. Once the network has been infiltrated, attacks can be initiated, including the modification or deletion of files containing critical data.

It made me realise that the remote worker at home is the weakest link in network security. They are the back door, or the open window to your intellectual property. They make your business vulnerable to attack; an attack that could occur when you least expect it. People are the last frontier. In reality, from a network security perspective people are the new perimeter.

How many remote workers does your business support?

According to Beyond SOHO – The Future of Work (Frost & Sullivan, December 2013), 70% of high-value employees work from a home office at least once per week and access a business’s most valuable information on their home devices.

VPN is not enough.

Many companies rely on VPN security to protect their networks for home workers but the reality is that the VPN was not designed to protect devices from network attacks. Yes, a VPN establishes a secure connection between a home user and the business, but it can’t protect against threats/infections/malware, etc., that may already exist in the end-users’ devices. Therefore, if home-based devices are not protected to the same level as enterprise networks, a VPN connection can open a window for threats aimed at your main network. Yet, the number of companies that allow home working is on the increase.

Safe surfing

Public WiFi also puts you at risk of session hijacking: a hacker who’s monitoring your WiFi traffic tries to hijack an open session you have with an online service (like a social media site or an email client) by stealing the browser cookies which the service uses to identify you. Once hackers have that cookie, they can pretend to be you on these sites, or even find your login and password information stored inside the cookie.

Here are some top tips for safe surfing on public Wi-Fi by laptop, tablet or smartphone, so that you protect your data by connecting your device securely:
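
A site owner can check whether their own cookies are exposed in the way described above. The audit below is an added example, not part of the original post; the header values are constructed samples and the finding codes are names chosen for this illustration.

```python
import re

# Constructed sample: Set-Cookie header values a site might send after login.
SAMPLE_SET_COOKIE = [
    "sessionid=abc123; Path=/",
    "auth=tok456; Path=/; Secure; HttpOnly; SameSite=Lax",
    "prefs=dark; Path=/; Secure",
    "login=user=alice&password=example; Path=/",
]

CREDENTIAL_HINT = re.compile(r"passw(or)?d|pwd", re.IGNORECASE)


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, {attribute: value})."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookie(header):
    """Return (cookie name, list of finding codes) for one Set-Cookie value."""
    name, value, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        # Without Secure the browser also sends the cookie over plain HTTP,
        # where anyone monitoring the same WiFi network can read it.
        findings.append("missing-secure")
    if "httponly" not in attrs:
        findings.append("missing-httponly")  # readable by page scripts
    if "samesite" not in attrs:
        findings.append("missing-samesite")  # cross-site sending left to browser default
    if CREDENTIAL_HINT.search(f"{name}={value}"):
        findings.append("credential-in-cookie")  # login data should not live in a cookie
    return name, findings


def audit_response(headers):
    """Audit every Set-Cookie value of one response."""
    return dict(audit_cookie(h) for h in headers)


if __name__ == "__main__":
    for cookie, issues in audit_response(SAMPLE_SET_COOKIE).items():
        print(f"{cookie}: {', '.join(issues) or 'ok'}")
```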

  • Computer Network Settings

Turn on your firewall, especially for public networks. Windows enables firewall settings by default during set up. However, to check, open Control Panel, then Windows Firewall, and make sure it is turned on for both public and private network settings.

  • Disable sharing

To change network settings, open Network and Sharing Centre from Control Panel. Click “Change private advanced sharing settings”, found on the left side of the screen. Under Private, Files and printer sharing, Guest or Public, switch off network discovery. Don’t forget to click ‘Save’ for it to work. Switch off file and printer sharing.

Please note: To switch off sharing in Mac OS X visit Sharing Options > Change Advanced Sharing Settings.

  • Security Browser extensions

Browser extensions, such as HTTPS Everywhere from the Electronic Frontier Foundation (EFF), are an effective security tool. These extensions enable browsers to have a secure connection when visiting common sites such as Google, Yahoo, eBay, Amazon, and more. You can also create your own XML config file to add more sites not listed. It’s available for both Chrome and Firefox and works with Windows, Mac, and Linux.

  • Use a VPN to connect to a hotspot

Sites and search engines without Secure Sockets Layer (SSL) encryption leave the data flowing through those networks visible to hackers, who can view your activity. It is worth considering a Virtual Private Network (VPN) when connecting to Wi-Fi hotspots. A VPN offers security and privacy when connected to open networks. At Rockford IT we offer VPN solutions so that you can surf safely on public WiFi.

  • Always update your software

Finally, it’s critical to ensure that your antivirus, malware protection and operating system are up-to-date. Operating system updates keep your system running efficiently and plug security gaps. However, your data is NEVER 100% secure on the Internet so the more security layers you create, the safer your data will be.
