http://www.ajc.com/metro/content/metro/gwinnett/stories/2007/07/23/computer_0724.html
By GEORGE CHIDI
The Atlanta Journal-Constitution
Published on: 07/24/07
A Buford executive has told police that a computer hacker tried to get
into his company computer by using a popular remote-access application.
Andy Jensen, president and CEO of Buford Finance Company Inc., said he
was in his office July 12 when he saw something unusual on his computer
screen.
"The mouse started going to town like it knew just what it was doing,"
Jensen said.
For a few moments, the 50-year-old businessman watched in stunned
silence.
"I'm just telling you, I was so amazed."
Somehow, he said, an application that let him access his computer from a
remote location — called GoToMyPC — activated seemingly on its own.
When it did, he shut the computer off. For good measure, he unplugged
it. And then, Jensen said, he and his information technology staff
freaked out.
Gwinnett County police are investigating the incident as an act of
computer trespassing.
The computer contains sensitive information for hundreds of clients
carrying millions of dollars in loans, Jensen said, but the hacker
probably failed to get at Jensen's files because the contact was so
brief.
"I feel totally violated," he said. "If I hadn't have been here, they
could have gone to town."
The company that produces GoToMyPC, Citrix Systems Inc. of Santa
Barbara, Calif., said similar cases have arisen after the computer user
shared his or her password with someone.
"Bar none, every single one of them was, 'Oh right, I shared my password
with so-and-so,' " said John Kennedy, chief security architect for
Citrix Online.
Some people use the same password for multiple Web sites and
applications, allowing a single password breach to open up every locked
program, he said.
"You want to use a complex password that you don't use on other sites.
Write the password down and keep it in your wallet," he said.
A security expert from Georgia Tech warned computer users to beware of
remote programs that can record the keystrokes of a password as it is
typed and secretly transmit the information to a hacker. He suggested
that computer users install anti-virus software and download updates as
they become available.
"Typically, we have defenses for things we know, but we keep finding new
ones all the time," said Mustaque Ahamad, director of the Georgia Tech
information security center. "You have to make sure you turn off access
where you don't want access."
© 2007 The Atlanta Journal-Constitution
Received on Wed Jul 25 00:30:02 2007