Tuesday 3 June 2014

Do I have to change my password again!!!

Over the last few months we seem to have been bombarded with advice to change our passwords, but did we really need to change them, and did we need to rush out and do it immediately?

For the last three major vulnerabilities and breaches, listed below, we have been advised to change passwords. Some of those advising password changes were clamouring for us to do it immediately; others were more specific in their advice.

  1. Heartbleed
  2. eBay
  3. GameoverZeus

Taking each of these in turn, what should we have done in each case?

Heartbleed

I heard advice very early on about changing passwords immediately; however, it was not long before the media took advice from the experts and modified the initial advice.

Heartbleed affected the servers that provide the services we use, and we often need to authenticate (log on) to those services. Heartbleed could allow attackers to compromise servers and gain access to passwords. Changing passwords before the server had been fixed meant attackers could still get on to the machines and get the new passwords. The advice from security experts was: once your service provider has confirmed the server is no longer vulnerable, then change your password. The good service providers did advise their clients when to change passwords.

eBay

This was a lot simpler: if you used eBay you should have changed your password, and eBay was very slow to advise its users to change theirs. In this case attackers compromised eBay and stole a list of credentials; whether the attackers can crack all the passwords is a matter for debate. The point is that they could, therefore you should change your password as quickly as possible.

GameoverZeus

I have seen and heard advice from many media outlets today, especially radio, where the advice was to change your password. This is very poor advice. Changing your password will not stop you being infected, and if you are infected, changing the password just gives the attackers your new password.

If you have a Windows machine you will need to take note; those using other operating systems can sit back and relax, as GameoverZeus attacks Microsoft operating systems.

GameoverZeus is a financial trojan. It affects client computers, i.e. the home computers where we store our financial records and from which we log in to our online banking; typically this is our personal home computer.

What users need to do first is ensure they have not been infected, by running tools available from most reputable anti-malware / anti-virus vendors. These tools can detect and remove the infection. A list of tools is available from the UK government's Get Safe Online website: http://www.getsafeonline.org/nca

If you are not infected, or have successfully removed the infection, you should stop your computer from being vulnerable to GameoverZeus: the malware uses vulnerabilities in the operating system and applications to infect your computer, so patch and keep up to date. Automatic updates and tools such as Secunia Personal Software Inspector (PSI) can help with this.

If you were infected you will need to change your passwords. In this particular case the authorities and ISPs are trying to identify infected machines and advise the owners to disinfect their machines and change passwords. So if your ISP contacts you officially, or you discover you have been infected, change your passwords.

Watch out for

Scams, phishing emails, etc. trying to catch out the unwary and take advantage of those trying to keep up with the official advice. Every major vulnerability, breach and malware outbreak will be exploited by scammers trying to infect you. Don't open email attachments and don't follow web links in suspicious emails.

Good Practice

Good practice is to use strong passwords and change them regularly. Follow the advice from security experts on password strength: no dictionary words, no names. Use upper case, lower case, numbers and symbols, and use long passwords.

Don't use the same username / password combination for all your accounts; a compromise of one could lead to all your accounts being compromised.
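The two pieces of good practice above (strong passwords with no dictionary words or names, and no reuse of the same username / password pair across accounts) can be turned into simple checks. The Python below is an added example written for this post, not code from the post's author or from any vendor mentioned. It assumes a minimum length of 12 characters (the post says "long" without a number), uses a small constructed wordlist in place of a real dictionary and names list, and models an account list as a dictionary of site to (username, password).

```python
import secrets
import string
from collections import defaultdict

# Constructed, illustrative lists standing in for a real dictionary and a real names list.
COMMON_WORDS = ("password", "welcome", "summer", "london", "dragon")
COMMON_NAMES = ("john", "sarah", "david", "emma")

# Assumption for this example: the post only says "long", 12 is the minimum used here.
MIN_LENGTH = 12


def check_strength(password: str) -> list[str]:
    """Return the list of rule violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isupper() for c in password):
        problems.append("no upper case letter")
    if not any(c.islower() for c in password):
        problems.append("no lower case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")

    lowered = password.lower()
    # Undo common letter-for-symbol substitutions (0->o, 1->i, 3->e, @->a, $->s)
    # so that "P@ssw0rd" is still caught as the dictionary word "password".
    normalised = lowered.translate(str.maketrans("013@$", "oieas"))
    for word in COMMON_WORDS:
        if word in lowered or word in normalised:
            problems.append(f"contains dictionary word '{word}'")
    for name in COMMON_NAMES:
        if name in lowered or name in normalised:
            problems.append(f"contains name '{name}'")
    return problems


def find_reuse(accounts: dict[str, tuple[str, str]]) -> dict[tuple[str, str], list[str]]:
    """Given {site: (username, password)}, return each username/password pair
    that is used on more than one site, with the sorted list of those sites."""
    by_credential = defaultdict(list)
    for site, credential in accounts.items():
        by_credential[credential].append(site)
    return {cred: sorted(sites) for cred, sites in by_credential.items() if len(sites) > 1}


def generate_password(length: int = 16) -> str:
    """Generate a random password from the OS CSPRNG and keep drawing until it
    satisfies check_strength, so the result meets the post's rules by construction."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_strength(candidate):
            return candidate


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ("password1", "P@ssw0rd-2014", "xK7#qLm2!vRp"):
        print(pw, "->", check_strength(pw) or "ok")
    sample_accounts = {
        "shop": ("alice", "Summer2014!"),
        "bank": ("alice", "Summer2014!"),
        "mail": ("alice", "different-Pass9"),
    }
    print("reused on:", find_reuse(sample_accounts))
    print("suggested:", generate_password())
```

The substitution step in `check_strength` is the part worth noting: a password that only swaps a letter for a look-alike symbol still contains the dictionary word, so the check normalises those characters back before searching the wordlist. `generate_password` draws from `secrets`, not `random`, because the latter is not suitable for anything security-sensitive.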
