Did someone hack Bing?
In all of these scenarios, reinstalling the operating system is the best solution. That doesn't have to mean formatting the hard drive - system recovery functions (for example under Windows) or regular backups often provide sufficient precaution for an emergency. However, one thing must be clear: once a computer has been infiltrated, it must never be completely trusted again. How best to proceed in each case is shown in detail under the individual points.
Ransom note on the screen
Has a ransom note suddenly appeared on your system out of nowhere? "Pay XXX Dollars / Euro by ... if you want your details back" or something like that - then you can very often assume that you were careless when reading and handling your e-mails and opened links and / or e-mail attachments that would have been better left closed. In this case: Congratulations, you have fallen victim to a crypto Trojan or ransomware! But be careful: Make sure that your data is really encrypted and that it is not a phishing attempt! The following video clearly describes how a Crypto-Locker attack works:
What to do: If your data is already fully encrypted, you hopefully have an up-to-date backup that you can restore. If the encryption process is still running (which is rather unlikely when the blackmail message is displayed), you should switch off the computer, remove the affected hard drive (on which the data and the operating system are stored) and hand it over to IT forensics experts - they may still be able to save something.
If the data is already fully encrypted and you do not have a backup at hand, you can either research whether the affected crypto Trojan and its encryption algorithm are already known and countermeasures possibly exist (which you can then take), or wait to see whether the encryption is cracked in a timely manner. Under no circumstances should you put the hard drive in question back into operation - there are Trojans that automatically destroy the encrypted data after a certain period of non-payment of the ransom. Better to install a "fresh disk" and reinstall the operating system. It may be possible to save the "old" data later.
If all of this is too (time) consuming for you, you have two further options: You forget the data, get annoyed and restart the computer. Or - you pay the ransom. This is not recommended by experts, but in some cases it is essential to be able to restore important data. As a rule, your data will be decrypted again after payment - otherwise the blackmailer's "business model" would not work. However, there is no guarantee that this will be the case. In any case: Be more careful next time!
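One way to carry out the check mentioned above, that the data is really encrypted and the note is not a bluff, is to look at file headers and byte entropy. This is an added example, not part of the original article; the file names, the `.locked` extension and the sample bytes are constructed for illustration.

```python
import hashlib
import math
from collections import Counter

# Well-known leading bytes ("magic numbers") of common document formats.
MAGIC = {
    ".pdf": b"%PDF-",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".zip": b"PK\x03\x04",
    ".docx": b"PK\x03\x04",  # Office Open XML files are ZIP containers
}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8 for encrypted or compressed data, far lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify(name: str, head: bytes) -> str:
    """Classify one file from its name and its first few KiB."""
    ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
    magic = MAGIC.get(ext)
    if magic is not None:
        return "intact" if head.startswith(magic) else "header-destroyed"
    # Unknown or renamed type (e.g. an appended extension): fall back to entropy.
    return "high-entropy" if shannon_entropy(head) > 7.5 else "readable"

def assess(files: dict) -> dict:
    """Summarise a sample of files; a majority of damaged ones suggests real encryption."""
    counts = Counter(classify(name, head) for name, head in files.items())
    damaged = counts["header-destroyed"] + counts["high-entropy"]
    return {"counts": dict(counts), "likely_encrypted": damaged > len(files) / 2}

# Constructed sample data: deterministic pseudo-random bytes stand in for ciphertext.
NOISE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
BLUFF = {"a.pdf": b"%PDF-1.7\n" + NOISE, "notes.txt": b"meeting at ten\n" * 200}
HIT = {"a.pdf": NOISE, "b.docx.locked": NOISE, "notes.txt": b"meeting at ten\n" * 200}

if __name__ == "__main__":
    print(assess(BLUFF))  # headers intact: the note is probably a scare screen
    print(assess(HIT))    # headers gone, renamed files are noise: real encryption
```

Run such a check against a read-only copy or image of the disk, in line with the advice above not to put the affected drive back into operation.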
Fake antivirus messages
Fake virus scanner alerts are one of the surest signs that the system has been compromised. Many users are not aware that the moment such a message appears, the disaster has already happened. Clicking on "No" or "Cancel" to stop the fake virus scan is of course not enough - the malware has already made use of existing security gaps and has penetrated the system. Popular gateways are, for example, the Java Runtime Environment or Adobe products.
The question remains: Why does the malware trigger this "virus warning" in the first place? Quite simply: The alleged scan, which always reveals a huge number of "viruses", is used as a lure for the purchase of a product. If you click on the link shown, you will be taken to a professional-looking website that is plastered with positive customer reviews and recommendations. There, credit card numbers and other billing data are requested - and far too many users still fall for this scam and voluntarily give their identity to the criminals without noticing anything.
What to do: Turn off your computer as soon as the fake antivirus message appears. (Caution: you must of course know what a "real" message from your virus scanner looks like.) If something needs to be backed up and it can be done without any problems - do it. But the faster the computer shuts down, the better. Then restart in "safe mode" (without network connection) and uninstall the previously installed software (which often works).
Either way, it is important to bring the system back to the state it was in before the compromise. If this succeeds, the system should start normally again and no more fake messages should be displayed. What remains now is a comprehensive system test and a complete virus scan to remove the last remnants of the malware.
- Admin rights: No assignment of administrator rights to employees
- Complete and regular documentation of the IT

IT security begins with sensitization and training of employees as well as clear communication of the internal rules of conduct for information security:
- Secure passwords: Complex passwords made up of upper and lower case letters, numbers and special characters, at least eight characters.
- Password theft: Never pass on and / or write down confidential data.
- Email security: Sign emails, encrypt sensitive data, be careful when opening email attachments and links.
- Social manipulation: Handle confidential information consciously, only pass it on to authorized persons, do not allow yourself to be manipulated or spied on.
- Be careful when surfing the internet: Not every link leads to the desired result.
- Use only the latest software: Software that is not updated leaves more security holes open.
- Use of your own software: Follow company guidelines and never install software of questionable origin.
- Company guidelines: Use only permitted data, software (apps) and applications.
- Regularly save operational data on a network drive and back up data on external data carriers.
- Theft protection: Protect mobile devices and data carriers from loss.
- Device access: Do not pass devices on to third parties, do not leave mobile devices unattended and lock workstation PCs when leaving.

The organizational structures in the background form the necessary framework for IT security. Here it is important to formulate clear rules and to adhere to them:
- Security guidelines: Definition and communication of security guidelines
- Access rights: Regulation of access rights to sensitive data
- Software updates: Automatic and regular distribution of software updates
- Log files: Control of the log files
- Data backup: Outsourcing of data backup
- Security analysis: Regular review of the security measures through internal and external security analyses
- Contingency plan: Creation of a contingency plan for responding to system failures and attacks

A minimum standard must be guaranteed at the technical level. For the most part, this can be implemented without great expense:
- WLAN usage: Documentation of WLAN use, also by guests
- Protection of the internet connection through firewalls
- Biometric factors: Use of access protection / passwords / biometrics
- Access control: Physical security / access control and documentation
- Protection against malware: Protection against malware both on the end device and on the Internet gateway, ideally through two different anti-virus programs
- Web access: Definition of a structured regulation of web access
- Encryption to protect files and messages with sensitive content
- Secure deletion of data when decommissioning
- Update of the security systems: Ensuring regular updates of the security systems
- Permanent monitoring of the network traffic for abnormalities
Unwanted browser toolbars
Probably the second most common sign of infiltration: The browser comes with various new toolbars, all of which promise help. Unless it is (and even then) a product from a known vendor, these extensions should be removed.
What to do: Most browsers allow all installed toolbars to be displayed. Remove any that you don't necessarily want to keep. If the suspicious toolbar is not listed or if it cannot be easily deleted, the browser should be reset to its default settings. If that doesn't work either, proceed as described under "Fake Antivirus Messages" above.
Most toolbars with malicious code can be prevented simply by ensuring that all installed applications are up to date. It also helps to pay a little attention during the setup process of free software to what is to be installed, and to deactivate the corresponding toolbars.
Redirected web searches
Cyber criminals earn money from Internet users "ending up" somewhere else than they actually want. The clicks on a certain website are converted directly into cash for them - often without the respective site operator even knowing that the traffic is resulting from a visitor redirection.
This type of malware can be found quickly using a search engine in infected browsers: Simply type in some very generic words such as "goldfish" or "puppy" and check whether the same websites appear several times in the result lists - these usually have hardly any reliable reference to the search term. Unfortunately, many of today's web search redirects are so camouflaged and well hidden with the help of various proxy servers that the falsified results are seldom directly visible to affected users. Often it is also toolbars that trigger the redirects. The traffic in and out of a compromised computer is significantly different from that on a clean computer.
What to do: As mentioned earlier, remove toolbars and other malware - that should be enough.
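The generic-search check described above can be made systematic by collecting the result links for several unrelated queries and flagging hosts that recur across them. This is an added example, not part of the original article; the queries, the `.example` hosts and the `known_good` allowlist parameter are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

def host_of(url: str) -> str:
    """Lower-cased hostname without a leading 'www.', or '' if the URL has none."""
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def recurring_hosts(results: dict, min_queries: int = 3, known_good=frozenset()) -> dict:
    """Map each host that shows up for at least `min_queries` unrelated searches
    to the queries it appeared under. Hosts in `known_good` (large reference
    sites that legitimately rank for many terms) are ignored."""
    seen = defaultdict(set)
    for query, urls in results.items():
        for url in urls:
            host = host_of(url)
            if host and host not in known_good:
                seen[host].add(query)
    return {h: sorted(q) for h, q in seen.items() if len(q) >= min_queries}

# Constructed sample: result links copied by hand from three unrelated searches.
SAMPLE = {
    "goldfish": [
        "https://www.best-deals.example/?q=goldfish",
        "https://encyclopedia.example/wiki/Goldfish",
        "https://aquarium-club.example/care",
    ],
    "puppy": [
        "https://best-deals.example/?q=puppy",
        "https://encyclopedia.example/wiki/Puppy",
        "https://dog-shelter.example/adopt",
    ],
    "teapot": [
        "http://WWW.BEST-DEALS.example/?q=teapot",
        "https://encyclopedia.example/wiki/Teapot",
        "https://pottery.example/shop",
    ],
}

if __name__ == "__main__":
    print(recurring_hosts(SAMPLE, known_good={"encyclopedia.example"}))
```

A host that ranks for goldfish, puppy and teapot alike has no plausible relation to any of them, which is the pattern the paragraph above describes.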
Common pop-up windows
Pop-up windows are annoying. But they are also evidence that the computer was hacked. If websites that are usually not known for such behavior deliver random browser pop-ups, the system has been infiltrated. It is always exciting to see which pages can bypass the browser's anti-pop-up mechanism. It's like fighting spam - only worse.
What to do: Typically, such popup windows are generated by one of the three cases already described. Removing toolbars and other malware helps here too.