Computer Security Professionals Warn Users On Malware-infested Hardware Products

By Author: eccuni
Total Articles: 211
Comment this article

Security professionals have alerted users on malware infested hardware devices in circulation. According to Australian Computer Emergency Response Team (AusCERT), the affected devices include Card Reader, DVD, External 4-in-1 hard drive and USB device sold by Aldi, a German Supermarket giant. The malware affects Windows Operating System. Once transmitted to the computer systems, the malware attempts to extract sensitive personal and financial information related to the users. Attackers may use the extracted information to carry out various fraudulent activities like identity theft and fraud. They may use the details to masquerade as a friend, peer, legitimate company or bank and seek additional personal and financial details. Most serious of crimes include redirecting legitimate mail from a banking company to a fake address, open fraudulent credit and online accounts in the name of users and stealing funds from online accounts.

This is not the first case of availability of malware-infested devices in the open market. Earlier, some products shipped by Samsung, IBM, Olympus and Aldi were found to be malware-infested. ...
... Aldi has reportedly removed the infected products from the market. However, security researchers at Internet security firm Sophos have detected availability of the said products online. On detection of contaminated or malware-infested products, users must immediately inform to the concerned vendor and regulatory agencies of the country to prevent malware from spreading to many other computers.

Some malware and viruses attempt to disable the anti-virus software installed on the computers. Users, who suspect that their system is infected with virus or malware, must stop making online transactions and avoid logging on and sharing personal and financial data on banking, online shopping, taxation or other government websites. Individuals, who have utilized these devices, must immediately run full system scan their computers with genuine security software. They must update security software to include latest virus and malware definitions. They must follow security blogs, advisories, alerts and e-tutorials to keep themselves abreast of evolving security threats. Users may benefit from online degree programs and acquaint themselves of cyber security fundamentals and best practices to safeguard computer systems.

Developers must thoroughly test the hardware and software products before shipping them to the market for commercial use. IT professionals must keep track of developments in the security environment. Hiring professionals qualified in IT degree programs and computer science degree programs may help organizations in identifying and implementing necessary security measures. Organizations must have appropriate intrusion detection and prevention systems in place to thwart security threats to the IT networks. They must appropriate filters to detect and remove spam e-mails. Organizations must have adequate security policies in place for use of external disks, DVDs and USB devices. They must train employees on the security measures and have adequate monitoring mechanisms to promote IT security conscious culture in the organization. A malware attack targeted at an organization may compromise sensitive customer and business information. Mandatory e-learning and online university degree programs may also help employees in understanding the basic tenets of cyber security and ensure safety of computer systems and sensitive data stored on them.