Hacked - What to do if you're a target

It's not practical to expect the IT person/department to do their job? A company that allows that attitude from their IT people deserves what they get, compromised.

Setting up and maintaining multiple security layers is preferable to dealing with the layer that is the problem, the users work stations? This is beginning to look like maintaining job security by refusing to fix the problem so they'll always have work to do.

 

Unplug ethernet?

 

Here is a current attack:

Executives at a Swedish Company Targeted via an Email Attachment
http://isc.sans.org/diary.html?storyid=5662

Note the double extension trick. If Windows is configured to hide known file types, the .exe extension would not show. Also, if I had Excel installed, the Excel icon would display:

​

Actually, an attached executable file should never get through a mail server. They are deleted by mine automatically, unless zipped.

​

Also, you wonder if the person would stop and think whether or not she/he had recently sent an XLS file by email to the recipient.

If company personnel are tricked into opening this file, the only sure protection would be if the workstations were configured
so that users could not run unauthorized executables.

205393

[credit: scribd.com white paper]


----
rich

 

I use common sense, NAV, Windows Firewall, a reputable e-mail client, a hardware firewall and a dynamic IP to stealth myself from hackers.

If I am hacked, I would just reformat and change my IP through my ISP.