Trojans, malware, hacking RRS feed

  • Question

  • There has been a spate of recent attacks on government entities where criminals have been able to gain access to local area networks, copy or encrypt supposedly secure databases, and then deny users access to the databases.  The purpose is to extort money.  Of course the highly compensated administrator managers had not anticipated the possibility that their data would become inaccessible.  So they resort to pencil and paper means to carry on pending approval of the payment.  Should they have database backups?  Yes.  But they don't.  I am in charge of computer security at a small, nonprofit company.  One computer has been hacked four times.  It is an audio streamer.  It uses ICECAST and BUTT: open source computer programs that implement an audio streaming service.  I understand that no such software exists in the Microsoft galaxy of products.  The static IP address is very inviting to the criminals.  A firewall appliance called WatchGuard has been configured to block much of the probing that goes on 24/7.  Only those ports that are absolutely necessary are unblocked.  Nobody surfs the web and nobody corresponds with email.  MSTSC cannot open a remote session.  The computer works for about 800 hours before it is hacked.   Fortunately I have a disk image of the computer with which I am able to restore functionality.  I wonder if Microsoft has any plans to prevent the hacking.  It appears that IIS may be vulnerable to unauthorized requests to install malicious software.  Part of the audio streamer's function is to play archived programs on demand.  This requires IIS which happily streams MP3 files.


    Sunday, December 15, 2019 5:34 PM