This article is not to scare anyone, but rather to point out some things I have encountered repairing people's computers, writing programs, administrating an Internet telephone system, websites, and many more aspects of computer technology. As each year passes, I have seen an increase in attacks and probing, but fortunately, no successful breaches. These probes and attacks are directed at each website, phone system, email, computer, router and other devices I control. This isn't a personal attack out to get just me. It is happening to a majority of us, and many never even know it.
I can take a look at system logs of my phone system activity and in one hour, I can have thousands of failed login attempts. The log file shows the Internet address of the computer that connects to my phone system, what user name they tried to use, and if they guess one specific, easy to guess user name set up for the purpose, I can see what password is used to attempt access. I will get another few hundred password guesses before they get the right one to access the purposely set up (honeypot) account. When that account is accessed, the computer runs a program to block access. These access attempts come from all over the world. What are they looking for? Likely, they want to use my phone system to make spam calls to bug people and do it on my dime. Or they might want to sell phone cards to make long distance calls on my dime.
When a I check my website access logs to see who is visiting, I see attempts to access many popular programs and scripts used to run website and deliver the content people use. Attackers want to either steal user and customer accounts, send spam from my websites, set up a scam pharmacy or phishing site, or even use a company name to promote a scam. They are looking for a vulnerable account with an easy password or a bug in the program to accomplish their task.
On my home computer, I get attempts to log into my router, malicious files sent to me via email, and attacks when visiting websites. Again, these attacks have so far been unsuccessful. The purpose of these attacks are to use my computer to send spam, scam me out of money, or steal credit card, business information, or steal access information in order to abuse other systems. If I lived in the city, there would also likely be attempts to use my WIFI network to have free Internet access.
All that is required to be a target is to be using the Internet. Computers controlled by bad guys on the internet scan other Internet addresses looking for services that use these addresses. Once it finds a service to be targeted, then the next stage of attack begins.
I will be writing how to articles on not only how to secure your network at home, but I will also be writing articles on how to secure your smart phone against information theft and calls and texts being made on your dime. There are many steps even non savvy users can take to prevent becoming a victim.
Comments