Unfortunately, there are many ways to exploit a computer network. Even worse, there are many hackers from all parts of the globe waiting to attack your computers.
The staff at BitBot Software have witnessed many different computer attacks over the years. We are experienced in computer security and can help protect your business against cyber criminal attacks.
Here is a sample of some of the attacks we have seen affect our clients and associates:
- A purchased website framework, written in the PHP programming language, contained insecure file open commands. This enabled a cyber criminal to upload spamming scripts to the client’s server and initiate a massive fraud campaign against a major bank.
- A custom coded dynamic website contained insecure database connections and allowed an SQL injection attack. This is very common amongst small business websites. In the best case scenario, the attacker uses the SQL injection to easily circumvent your login system, and perhaps log in as an administrator. The worst case is the attacker modifies or deletes your business records.
- Windows file sharing enabled on TCP port 445 enabled attackers using automated software tools to find and download all files stored on the file server. It was supposed to be shared within the local network only. Unknown to the owner, this had been occurring for almost two years.
- A wireless network router was installed within a business premises using a weak password, based on two dictionary words. A nearby resident used a dictionary attack to guess the password to the wireless network. The attacker proceeded to utilise the BitTorrent peer-to-peer service to illegally download movies. The business was left with a bill from their Internet provider for over $1000 in excess data charges and a risk of legal action by the film’s copyright owners.
- A wireless network was installed in a business using the now deprecated Wired Equivalent Privacy (WEP) protocol. This protocol gives the illusion of privacy, but most computer attackers know that all WEP installations can be decrypted and the password obtained within minutes. This illusion of security can be exploited by lawyers in a courtroom to say that illegal activity originating from your business network must have been authorised by you. In truth, any tech-saavy teenager can break into your system.
- A Secure Shell (SSH) server running on an Internet Service Provider’s (ISP’s) server was accessed by an automated software tool that guesses weak username / password combinations. A website developer created a testing account on the server called “test” with the password as “password”. This mistake allowed a group of criminals access to the server, and it was then used to spam millions of email accounts. This resulted in the Internet server being blacklisted by other servers, causing disruption to this ISP’s customers for days.
- A well-known webmail software package installation had become out-of-date and suffered from a known security flaw. An attacker exploited the installation to install a trojan program, that gave the attacker a back-door into the server. The server was then implicated in illegal activity.
- Microsoft Windows based servers are susceptible to many attacks. Brad was within an affected Internet data-centre to witness a Worm spread globally within hours to most of the Internet’s Microsoft SQL database servers. It allowed the attacker to gain access to the SYSTEM administrator account. It caused heavy network degradation globally.
- Viruses, trojans, worms, key loggers and spyware are easily able to infect computers (especially Microsoft Windows) if inadequate protection is configured. Most people have suffered from an infection of their desktop computers at some point, including us. It can be quite difficult to remove the infection.
Unfortunately, in most cases, successful exploits go undetected. That is, of course, until you become blacklisted, have confidential data stolen or have the police accuse you of conducting a crime. The compromise of confidential data (such as banking details, trade secrets and passwords) can be devastating to your business.
BitBot Software utilises many tools to keep your network safe. These include firewalls, advanced filtering, secure encryption protocols, network monitoring, checking for known exploits, intrusion detection, software patching, automated testing, secure off-site backups, hard-drive encryption and physical security (to prevent stolen hardware).
A simple and effective way to ensure your business’ cyber security is to utilise our Managed Services. We will look at your whole situation and make recommendations that work for your business.
Unless you are vigilant in protecting your computer assets, you will no doubt be affected by poor computer security. Your business needs an expert to protect it from skilled computer attackers, before it is too late.
We provide written computer network security audits for a fixed price. Just ask us for a quote. Our affordable prices can help you mitigate the risk of exploited security flaws on your business.