4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What happens when trusted software is the virus?


Hackers have ingeniously struck again by adding a hidden backdoor to a popular maintenance and file clean-up tool, CCleaner for Windows. The backdoored version of the tool can download additional malware, meaning the hackers could do anything they wanted with an affected system. According to Avast, the company that owns CCleaner, approximately 2.27 million systems ran the affected software.

On Sept. 18th, Forbes reported the hack.

It would be fair to assume that this type of hack is going to become more popular as time goes on. Adding backdoors to existing trusted software is a highly efficient way to rapidly distribute malware to millions of systems without detection, and it only requires a hack in one place (the software manufacturer) to succeed. This type of hack is a good example of a potential data breach that is almost impossible to prevent or detect until some kind of public announcement has been made. At that point, from a cybersecurity perspective, it becomes a race against time: the assumption has to be that any system with the hacked software might already be compromised with additional malware, and it should be treated as a potentially hacked system. This, by definition, is a remediation event.

The first step is to establish the scope of the potential breach by identifying every system that has the hacked software installed. The next step is to remove the offending software from the entire environment as quickly as possible. The final step is to carefully scan each of the identified systems to confirm whether any additional malware was already downloaded and installed. Another option, for environments that have imaging capabilities, is simply to re-image every machine that had the hacked software installed. These three steps can be a daunting task for a busy IT department in a mid-market or larger organization, especially if the right IT management tools are not already in place. This is where an integrated network management platform really helps: it reduces the amount of labor required to complete these steps and, even more importantly, reduces the amount of time it takes to get them done.
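The three steps above, turned into a fleet-level triage script. This is an added example, not 4IT's tooling or any vendor's product. It assumes the management platform can export an inventory as CSV with a host name, product, version and an "imaging available" flag, and that the vendor advisory has supplied the affected version numbers; the inventory rows, column names and version numbers below are constructed for illustration and are not real CCleaner data.

```python
"""Triage workflow for a backdoored-software announcement.

Step 1: scope   -> every node running an affected build is in scope.
Step 2: remove  -> nodes that cannot be re-imaged get the software uninstalled.
Step 3: verify  -> those nodes are scanned; re-imaged nodes are done by construction.
"""
from __future__ import annotations

import csv
import io
from dataclasses import dataclass

# Constructed sample inventory export (not real data). The column names are an
# assumption about what a management platform would emit.
INVENTORY_CSV = """host,product,version,can_reimage
ws-001,CCleaner,9.99.1,yes
ws-002,CCleaner,9.98.0,yes
ws-003,Notepad++,8.5.0,no
srv-010,CCleaner,9.99.1,no
ws-004,ccleaner,9.99.1,no
ws-005,CCleaner,9.99.2,yes
"""

# Constructed placeholders: in a real event these come from the vendor advisory.
TARGET_PRODUCT = "ccleaner"
AFFECTED_VERSIONS = {"9.99.1", "9.99.2"}


@dataclass(frozen=True)
class Host:
    name: str
    product: str
    version: str
    can_reimage: bool


def parse_inventory(text: str) -> list[Host]:
    """Read the platform export; normalise product names because inventories
    are rarely tidy (mixed case is common across agents and OS builds)."""
    hosts = []
    for row in csv.DictReader(io.StringIO(text)):
        hosts.append(Host(
            name=row["host"].strip(),
            product=row["product"].strip().lower(),
            version=row["version"].strip(),
            can_reimage=row["can_reimage"].strip().lower() == "yes",
        ))
    return hosts


def scope(hosts: list[Host]) -> list[Host]:
    """Step 1: the scope is every node with an affected build installed.
    Version matching is exact; a non-affected build of the same product
    (ws-002 above) stays out of scope."""
    return [h for h in hosts
            if h.product == TARGET_PRODUCT and h.version in AFFECTED_VERSIONS]


def plan(in_scope: list[Host]) -> dict[str, list[str]]:
    """Steps 2 and 3: split the scope into two work queues. Nodes that can be
    re-imaged skip the uninstall-and-scan path entirely."""
    work: dict[str, list[str]] = {"reimage": [], "uninstall_then_scan": []}
    for h in in_scope:
        work["reimage" if h.can_reimage else "uninstall_then_scan"].append(h.name)
    return work


def close_out(work: dict[str, list[str]],
              scan_results: dict[str, str]) -> list[tuple[str, str]]:
    """Reconcile after the scans run. A node on the uninstall path leaves the
    incident only when its post-removal scan reports 'clean'; anything else
    (an 'infected' verdict or a missing result) stays open for follow-up."""
    still_open = []
    for name in work["uninstall_then_scan"]:
        verdict = scan_results.get(name)
        if verdict != "clean":
            still_open.append((name, verdict or "no scan result"))
    return still_open


if __name__ == "__main__":
    hosts = parse_inventory(INVENTORY_CSV)
    work = plan(scope(hosts))
    print("re-image:", work["reimage"])
    print("uninstall then scan:", work["uninstall_then_scan"])
    # Constructed scan results: one node reported clean, one never reported.
    print("still open:", close_out(work, {"srv-010": "clean"}))
```

The point of the reconciliation step is that a node is not closed just because the uninstall job succeeded; it is closed when the scan result comes back clean, and a node that never reports a result stays on the list rather than silently dropping off.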

Within 24 hours of the announcement, our Network Operations team was able to get all three of these steps completed on approximately 2600 managed nodes. The integration between the desktop/server management platform, the automated scripting engine, and the combination of anti-malware products that are completely integrated into the platform made all the difference.

The challenge of purchasing, installing, maintaining, and utilizing these types of tools is substantial, as they require a continuous investment in engineering labor to maintain them, and specialized expertise in software engineering to take maximum advantage of the automation built into the platform. As new IT management products are added to the environment (e.g., malware detectors, threat intelligence engines, firewalls), they need to be integrated into the management platform so that alerting and reporting are automated and workflow rules can be added so that the right people see the right alerts.

Effectively remediating a cyberattack (securing the environment after a breach) is going to become an increasingly important component of the cybersecurity arsenal.
