Starting with early June, the whole world got a powerful hit when users announced that TeamViewer, the popular remote desktop tool, has been hacked.
To protect the users, an advisory statement has been issued by the TeamViewer PR team. This states that all users should change their passwords and implement a two-factor authentication process. This way users will be protected from hackers.
This attack is in direct connection with the attacks that happened on Reddit, Twitter, and LinkedIn where millions of email addresses and passwords were leaked. Hackers used passwords stolen from these accounts to access TeamViewer accounts and connect to users’ computers remotely. Once this happened, they stole passwords and other sensitive information stored within internet browsers. This transformed the entire event into a big hit since hackers managed to steal financial and important personal data. PayPal and other financial accounts are the most affected.
The most affected are companies that use TeamViewer business to connect with employees who are not working at the office or companies that offer remote IT support.
The remote access software issue
Actually, this is not the only time when a popular remote access tool has been the target of an attack. There was also a quite recent issue with the Windows remote desktop tool – you can read all about it here.
Remote access software is a great target by cybercriminsals because once you have access to one account you also have access to a whole lot more. In a company, you may get access to the entire company’s data , all the files, financial accounts, and so on. Even more, hackers use these tools to install ransomware software on computers which encrypts your data so you cant use it and makes you pay a ransom to get it back.
If your company is using TeamViewer (the business package is the most vulnerable) your next step should be to secure the account. To do this, you must change your account’s password and implement two-step authentication. For the two-factor authentication in TeamViewer, you should watch their video guide.
These are the steps recommended by the TeamViewer team, but as an extra precaution, we also recommend to set up a whitelisting process. This offers you the possibility to only allow access to computers and servers for specific people who you allow. You can read more about this here.
Actually, if it is to be completely safe, you shouldn’t use TeamViewer in your company from the start. It is a vulnerability even without hackers. For instance, if one of the employees leaves or is let go, he/she may still have access to your files and information.
Our recommendation is to set up remote access using the RDP or Remote Desktop Protocol over a VPN (Virtual Private Network) solution.
Onsite Helper has the necessary experience to review and identify any remote software access issues that may be lurking in your company’s network. Meet with our team of highly trained professionals or give us a call, and we will discuss how to improve your company’s IT protection.