When Remote Access Falls into the Wrong Hands…

guy-fawkesQuite a few members of the media, bloggers and customers have come to us over the past couple of weeks with questions about a recently uncovered cyber-espionage campaign that abused a competitor’s remote access tool.  From reports, we’ve learned that the team – dubbed TeamSpy – behind recent attacks has been active since 2008 – and maybe since as early as 2004.  They exploited a basic and freely available remote control tool – one that had legitimate digital certificates – to target political groups, activists and national information agencies.  Though their attacks were global, they appear to have concentrated on European businesses and government entities.

You can read more about it at the excellent security blog, Dark Reading (How TeamSpy Turned Legitimate TeamViewer App into Cyberespionage Tool).

Also, you can access the full Kapersky report here.

As the tools for conducting cyberespionage become more readily available and the number of connections continues to grow with rapidity – the opportunities for cyber-crimes increase significantly.  With the right knowhow, patience and a few Internet searches, hackers can exploit vulnerabilities from virtually anywhere in the world.  The decisions that businesses make to protect themselves from being hacked via a remote access solution are crucial.  At Netop, we recommend deploying a multi layered approach.  Begin by adopting proper training and procedures for staff.  As you evaluate your remote solutions and vulnerabilities, look for ways to:

  • Secure the line
  • Manage user access
  • Manage user access
  • Document all activities

We are working on some documents to help businesses evaluate their security and vulnerabilities to remote hacking.  As Netop has been devloping remote access solutions for over 30 years, we are pretty well-versed in the risks associated with remote access.  You can access our knowledge base to learn more about our approach to security or contact us with any questions here.