How can we stop people gaining access to our family computer remotely?
How do hackers do this, what do they want to access and how can we prevent it?
1 expert has answered
The primary way is through awareness of the behaviour likely to result in this access.
In reality remote access is more likely to occur through something we did ourselves than through our perception of how it's likely to happen. It's rare for someone in a remote location to actively be searching for our PC and then trying to access it remotely, athough this can happen.
In most cases access is granted directly by ourselves, through the techniques such as social engineering, phishing attacks or similar.
To prevent this access the primary tool is awareness. For example, there is a common scam worldwide at present, whereby you will receive an unwarranted phone call from someone claiming to be from Microsoft technical support, or an organisation working for them.
They will guide you through a process of looking at the logs on your windows PC highlighting errors or warnings there (which in almost all cases are harmless and of no consequence) and try to convince you that these are indications of malware / virus infection.
They will then offer to 'fix' the problem for you, and will ask you to download some software enabling them remote access. This software is perfectly legitimate and used by IT professionals worldwide to enable remote access to PC's for support purposes. Whilst in control of your PC they will then be able to cause real damage, then offer to charge you several hundred pounds for the privilege of undoing their mess.
To me it seems ludicrous that anyone could be fooled by this, but I have first hand experience of people that were. This is one of the downsides of the simplification of our IT tools. The easier they are to use, the less knowledge we have about how they work or what goes on under the hood.
Another way remote access can be gained is through downloading software from unofficial sources, for example using peer-to-peer networking sites to download illegal software / music etc. In this cases what often happens is the files that are downloaded have additional malware within them, masquerading as legitimate software and again we are the people who grant access, by downloading and clicking on it.
The other really common way these days is through email. I frequently get unsolicited email sent to me with attachments that can appear legitimate, either Adobe PDF or Microsoft Office documents, these can contain malware that can give 'back door' access to your PC, or more commonly connect it as part of a large 'botnet' which can then be used for nefarious purposes.
The solutions to these problems need to be layered: -
Awareness - be aware of the websites you access, the emails you open and the unsolicited contacts that are made with you, by any means.
Slow Down - it's easy to accidentally click on something in a hurry, even the most aware of us (yes me!) have done this and regretted it almost immediately. Slowing down gives you time to think 'Is this legitimate', 'Did I ask for this', 'Is the sender who they say they are', 'Will my bank ask for these details'?
Keep your system and it's applications up to date. In many cases, access is gained through faults within the software you are using, that are then exploited by the people creating malware. People are, in my experience VERY poor at keeping their systems up to date. Turn on automatic windows updates, but also regularly check for updates manually and install them immediately, don't wait. Also check your other software for updates, Microsoft update can keep packages like Office up to date (look for the option to get updates 'from other products' in Vista and Windows 7, look for the 'Microsoft Update' (as opposed to Windows Update) if your using Windows XP.
Microsoft updates are released on the second Tuesday of every month (Patch Tuesday), make it a regular schedule!
In addition to the above I use the excellent and free Secunia Personal Software Inspector (PSI) to keep non-Microsoft packages up to date, download it here (http://secunia.com/vulnerability_scanning/personal/) and set it to update automatically.
Finally in the packages you use most often there is often a 'check for updates' option (often in the help section). Use it, frequently and download updates that are available.
Doing the things above will reduce the windows of opportunity available to hackers.
- Turn on your firewalls, in your router and your PC. Firewalls prevent unauthorized access to the services on your PC, by blocking incoming network traffic that you haven't instigated. In the case of Windows it will usually pop up a warning that an application on your PC needs access to the internet, and ask you for permission to allow it. Read the message carefully and check it's from legitimate software you are intentionally using. In your router (how many people even know how to log into their router?) it's a good idea to turn off UPNP (Universal Plug and Play). This is a service that is designed to make internet access easier, by allowing the applications on your PC (or your XBOX) to make changes to the firewall rules without your intervention. the problem is it can be used nefariously as well as legitimately. The consequence of doing this is you will have to educate yourself about port forwarding (this site is a good resource http://portforward.com/english/routers/port_forwarding/) as some services on items like the Xbox may not work otherwise.
As you can see, the simplicity we all seek is a route in for the bad guys, it's unfortunate but making it harder for the bad guys means more work for us and we need to educate ourselves accordingly.
Use anti-virus software and keep it up to date. In all cases the anti-virus vendors are lagging behind the malware creators, it's unavoidable. Set the software to automatically update and check regularly to reduce the window of opportunity. Choice here is a personal thing, but there's no excuse for not having anything, lots of free options exist and I'm a fan of the free Microsoft Security Essentials (http://www.microsoft.com/en-gb/security/pc-security/mse.aspx) it's free and is non-intrusive. That software is another good education in prevention too - search for it in Google and you will find non-Microsoft sites listing it for download. Are they legitimate? Be aware of what you click on when searching!
Email. Use a good web-based email service with spam filtering and have more than one email address. Many of us use the email addresses provided by our ISP's. The problem with these is if we ever move provider they will have to change, meaning we have to inform everyone of that change. Services such as Google mail give us access to pretty much unlimited mailboxes, some of the best spam filtering in the business and email addresses that can stay with us in perpetuity. The spam filtering gains from the massive database of users that represent Google's user base, which is more extensive and easier to manage than any local solution you could install.
Have an email address you use for 'throwaway' sites that require you to create a user profile, but which you may only wish to access once. That way your primary mailbox is less likely to get cluttered with rubbish from sites that sell on your contact data without you being aware (because they didn't disclose, or you didn't read the T's and C's!).
You can even use one-time 'disposable' email addresses if you're particularly paranoid.
With Google you can do all sorts of clever stuff, if you have an email address of the form 'firstname.lastname@example.org' you can add '+anything' to that email address to uniquely identify any email received. So when signing up for let's say amazon, use the email address email@example.com.
This allows you to filter incoming email by source, but also will quickly highlight who is selling your contact details or spamming you!
Again, educating yourself is the key here, Google is your friend.
There's lots more I could say but it starts to get a bit esoteric beyond this, the pointers above, even if you don't apply them all, will mean you will be far ahead of 99% of most of the computer users I know and help on a daily basis.