Symantec, a leading anti-virus and PC protection software developer, has suggested its customers disable its pcAnywhere remote control software. The recommendation comes following news of a potential breach of security by hackers, who may have acquired old source code used in the program. Although Symantec assures its customers that applying up-to-date patches and following manufacturers’ recommendations for operating the software properly is enough to deter any likely attack, the risk still exists that users of the software can have their computers taken over remotely by unwanted “middlemen.”
The news reflects an increasing trend in malicious hacker activity aimed at security corporations, websites, and software. At this time, it seems that no entity is safe from potential security breaches, regardless of their governmental or corporate association. In this particular case, the greatest threat applies to business-related activity carried out by the pcAnywhere software – the possibility exists that hackers can gain control of computers and access valuable data that are used by a company for business purposes. Such a security breach can result in the seizure of sensitive data such as consumer information (including credit card information, names and addresses, etc.) and private financial information associated with the company or its employees.
Individuals who use the software are still at risk, but it is less likely that they will be targeted simply because the data they have on their personal computers is probably not nearly as valuable as data that could be accessed on corporate networks, servers, and computers. While identity theft is a serious concern for said individuals, hackers would have to spend far more time and effort in an attempt to amass credit card numbers, addresses, and other personal information than they would to gain similar information about entire companies. Frankly, the reward is greater for hackers who target organizations and companies.
In general, the internet has seen a dramatic increase in the frequency and severity of database hacking. Everything from government websites to security corporations have had their services cut off, websites shut down, and information stolen at the hands of remote hackers with the skills necessary to cut through preventative security measures. In addition to the relatively benign hacking that occurs between internet criminals and corporations, there have been increases in governmental intervention through web-related content such as viruses. The infamous “Stuxnet” virus contaminated Iranian nuclear facilities, rendering some of their equipment useless while informing operators that everything was fine. The virus was spread to a point where it was essentially ubiquitous among governmental computers and networks in several counties that were not intended targets. The virus itself was programmed to attack one very specific target – Iranian nuclear facilities – and to remain dormant until that target had been found.
This all comes as legislation (i.e. SOPA & PIPA) to effectively control the flow of information through the internet was recently shot down. Instances of hacking and security breaches such as this one can be expected to become exemplifiers of the dangers associated with the current status of information exchange over the internet for proponents of such legislation.