• David Moore

A (new) case for powering down


I am often asked about whether a computer should be powered down, when not in use, or not.

I've even written about it here, which means I've written about it elsewhere too, ...

https://www.ihatemypc.com.au/single-post/2018/10/15/To-power-down-or-not

But something many people won't consider, when considering powering down, is hackers.


A recent job entailed 4 computers across 2 sites that had all been hacked over the weekend.

The business sites had been left at the close of the day's trading but the computers had been left on.

All the computers were connected to a remote support tool for which the "hackers" had acquired the relevant login email. They got into that email account and performed a reset / recovery of the remote control tool through the businesses email account.

They them proceeded to do whatever they wanted with the 4 computers...while no-one was around to notice anything happening on the screens.

If the machines had been switched off at the end of the day they they couldn't have been controlled or accessed at all.

The breach would probably still have occurred BUT the likelihood of someone noticing the attempted fraudulent remote control sessions during business hours ...with someone there...would have been much greater.

Even if it IS business hours and someone is around, it is a good idea to turn off remote control tools until such time as you really need to use them.

Don't leave them running all-the-time "just in case" you or someone else wants access.

If you need remote tech support, call them and then...and only then..start up their preferred remote control tool.

Now is probably a good time to talk about passwords (again) too.

While this example only required access to the email account to get going, often a common password shared among resources opens up a Pandora's box of hacking opportunities to the baddies.

Make sure the password for each of your services and online accounts is unique and, where critical to life, money, the universe or whatever, use multi-factor-authentication.

See related / linked posts on passwords too.

Of course there are many more ways to get into your computer and cause havoc... but pretty much none* of them work when the power is off ;-)

David

* because your computer can be turned back ON by remote control under certain circumstances.

Do the opposite of this https://www.howtogeek.com/192642/how-to-remotely-turn-on-your-pc-over-the-internet/

#power #hacked #passwords #remotecontrol

I Hate My PC

You know we understand

Call 0410 318 325

© I Hate My PC. All rights reserved