http://www.ajc.com/metro/content/metro/gwinnett/stories/2007/07/23/computer_0724.html By GEORGE CHIDI The Atlanta Journal-Constitution Published on: 07/24/07 A Buford executive has told police that a computer hacker tried to get into his company computer by using a popular remote-access application. Andy Jensen, president and CEO of Buford Finance Company Inc., said he was in his office July 12 when he saw something unusual on his computer screen. "The mouse started going to town like it knew just what it was doing," Jensen said. For a few moments, the 50-year-old businessman watched in stunned silence. "I'm just telling you, I was so amazed." Somehow, he said, an application that let him access his computer from a remote location — called GoToMyPC — activated seemingly on its own. When it did, he shut the computer off. For good measure, he unplugged it. And then, Jensen said, he and his information technology staff freaked out. Gwinnett County police are investigating the incident as an act of computer trespassing. The computer contains sensitive information for hundreds of clients carrying millions of dollars in loans, Jensen said, but the hacker probably failed to get at Jensen's files because the contact was so brief. "I feel totally violated," he said. "If I hadn't have been here, they could have gone to town." The company that produces GoToMyPC, Citrix Systems Inc. of Santa Barbara, Calif., said similar cases have arisen after the computer user shared his or her password with someone. "Bar none, every single one of them was, 'Oh right, I shared my password with so-and-so,' " said John Kennedy, chief security architect for Citrix Online. Some people use the same password for multiple Web sites and applications, allowing a single password breach to open up every locked program, he said. "You want to use a complex password that you don't use on other sites. Write the password down and keep it in your wallet," he said. A security expert from Georgia Tech warned computer users to beware of remote programs that can record the keystrokes of a password as it is typed and secretly transmit the information to a hacker. He suggested that computer users install anti-virus software and download updates as they become available. "Typically, we have defenses for things we know, but we keep finding new ones all the time," said Mustaque Ahamad, director of the Georgia Tech information security center. "You have to make sure you turn off access where you don't want access." © 2007 The Atlanta Journal-Constitution _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue Jul 24 2007 - 22:47:24 PDT