For many of us, computers are spooky enough: things randomly go wrong, applications crash, all manner of things most of us just can’t explain. Don’t worry, it even baffles the experts from time-to-time! If things were bad enough, there are people out there looking to make things worse.
You could say that hackers are trying to cast a spell on our computers to get access to the data they have, or have access to. They have countless spells in their bag of magic tricks, and it’s our job to make sure they fail; to keep our data safe.
I’d like to talk about one technique that’s been impacting businesses both large and small, and a trick that seems to be gathering in popularity amongst our hacker ‘friends’.
Many of us rely on a number of software applications to help us manage our business. These might be large complex packages or small single-purpose tools that make our computing life a little bit easier. Some of these pieces of software are free, some cost money. Some require us to update them manually, say by downloading a new version from time-to-time, others do so automatically.
This year, we’ve seen a worrying new trend for hackers to compromise either the software itself, or the distribution mechanism we use to acquire it. This means that our computers can become infected, not necessarily by visiting a ‘bad site’, or clicking on a dubious link, but now just by downloading or updating some of the software we might use anyway. Hackers know that if they compromise a popular piece of software, that can give them an easy way into a large number of companies.
So what can we do about this? Our tactics are limited, but there are a few general pieces of advice that can help minimize the chance of this happening to you. Notice I say ‘minimize’, not ‘eliminate’... that’s because there really is no foolproof way for the average computer user to completely avoid this problem.
Try to limit the different software packages we use. It’s fun to have many tools and utilities, and applications we might want ‘just in case’ we need them, but every piece of software you add to the computer increases your risk. If you don’t need it, remove it!
Ensure that our Anti-Virus (AV) software is kept up-to-date. Sure, this sounds like a broken record, but it’s good advice. Even if the AV software doesn’t immediately protect you from tampered software, it can help protect you from what that software tries to do. It also gives a convenient way to remove these threats if we’re unlucky to get caught.
When downloading software, try to do so only from a reputable web site, such as directly from the software vendor. If in doubt, ask an IT professional for a second opinion, but many sites will repackage ‘good’ software to include ‘bad’ components.
Avoid any form of pirated software. Some commercial software can be expensive, and there is sometimes a temptation to ‘borrow’ a copy from a friend, or otherwise find a way to use the software without paying. Hackers know this, and actively target ‘cracks’, ‘keygens’, and other tricks used to make pirate software work.
So who’s doing this? This year alone, I’ve investigated cases ranging from cyber criminals hoping to co-opt your computer into making money for them (by ‘clicking’ on ads in the background without you knowing), all the way to foreign government backed campaigns to infiltrate business.
The next time something goes bump in your computer, it might just be a parasite hiding out in some piece of software you use. Fortunately there are many great IT service providers on hand, willing and able to give your computer an exorcism, should it be required!