Imagine this scenario: You are checking your bank statement and see that you have made a hundred and fifty dollar purchase in Baltimore, Maryland. The only problem is that you live in San Diego, California and you have not gone out of the state in the last year. So you call your local bank and file a claim stating that your recent bank statement has recorded a purchase that you did not make. So like every bank, they give you a claim number and tell you they will call you back. So after a short week, your bank calls you and tells you that the purchase has been dropped and that they will send you a new credit card, you are relieved to hear this and assume that the conversation is over, but the phone call continues. The claim investigator asks you what recent stores you have been to in the last month. After disclosing the information, the investigator tells you that you have been one out of two hundred thousand victims that had their credit card information stolen and that the possible reason is that a POS had been hacked into.
A computer that acquired a DLL is set up in a way that makes itself susceptible to corruptible DLLs. So to ensure that you never get a rouge DLL, I am going to over a checklist to maximize your computer security:
The Point-of-Sale (POS) is the location where the transactions occur at a store. POS systems have many different components that execute credit card transactions. For example, it reads the credit card and transactions the credit card information to a source, like MasterCard, and it sends back a confirmation number. So companies try their best to keep their POS terminals as secure as possible. However, there is always a chance that a hacker can get into the main database and retrieve credit card numbers. For instance, I recently read about a threat where a hacker was able to install a rouge DLL on several POS systems within a network. For those of you that do not know what a rouge DLL is, they are shoppers’ worst nightmare. It crawls into your system disguised to blend normally until commanded to hijack the network. Since a rogue DLL masks itself from anti-virus software, detection is near impossible. It is not until the hacker sends out a command to wake up this DLL to creep through a network gathering important information.
A computer that acquired a DLL is set up in a way that makes itself susceptible to corruptible DLLs. So to ensure that you never get a rouge DLL, I am going to over a checklist to maximize your computer security:
- Windows Security updates – Check for updates very often and install all the latest service packs on your computer. (Allow Service Packs to be automatically installed)
- Firewall – Make sure that your windows firewall is turned on.
- Anti Virus/ Anti Spyware – make sure that you install both an anti-virus and anti-spyware software package on your Windows PC.
- Increased Browser security– Use well-secured browsers such as Mozilla Firefox, Chrome, etc. With this not only will you be getting increased security, you always have the regular Anti-Virus running on your computer.
- Network setup – Add a strong password (something you can remember but that no one can guess) to the accounts located on the network. Use a windows limited user account for your daily work. As a user, you cannot install software, so if you acquire a virus it will unable to do this because it does not have permission to install programs.
- Automatic Password Lock – This will lock whenever you step away from the computer to ensure that no one can come in and
- Make sure your POS system is PCI compliant – Refers to the set of security standards to ensure account data protection.
- Inform your employees of the latest security threats – Rogue Security Software has become prevalent in recent years. It infiltrates computers via web pages that have been compromised and sends pop-up alerts telling you that your computer is at risk and that you need to download their software so that you can remove the risk.
Sometimes, even after applying these security measures, it may still not eliminate the possibility of a rogue DLL hiding somewhere in the computer. Computer security professionals also advise checking the system restore point since many times it gets stored somewhere in the past restore section. Some of the suggested steps to take are going into Safe Mode with the System Restore feature turned off and running a full and thorough scan of the computer using a well-known Anti-Virus and/or Anti-Malware software. Though you may have deleted the Rouge DLL at one point, it can be regenerated by another program hiding in the system restore point.
While taking these precautionary steps you do not completely stop yourself from being a hacker, but you do reduce the chances. Good luck locking down your computer!