Is TeamView safe to use?
Over the last few days, a large number of users of TeamViewer, one of the most popular remote control applications for Windows, Mac, iOS and Android, have reported that hackers have gained control of their computers and then, from there, drained their PayPal, Amazon, and eBay accounts. So far, no one seems to be clear on how these TeamViewer accounts were compromised and the company behind TeamViewer is adamant that there has not been a breach. The company suggested in a press release (oddly dated the week prior) that the primary cause of the intrusions has been due to careless users reusing passwords across multiple accounts.
The problem has been widely covered in the press with articles on Hacker News, The Register, ZDNet, Ars Technica and by our CTO, Mark Gibbs, in his Network World Gearhead blog.
Who is at risk?
As far as is understood as of writing, users who have installed TeamViewer, used strong passwords, do not leave it running unattended, and have not reused passwords for multiple accounts and services, are safe. Until a definitive analysis and statement of the issues becomes available, users who leave TeamViewer running would be advised to not do so if possible. Moreover – and this is not surprising – those at the greatest risk appear to be users who have poor password management.
So, if you’re a TeamViewer user, what should you do? TeamViewer’s recommendations are in their press release and they suggest that you:
- Create different passwords for each account
- Do not share your passwords
- Change passwords regularly
- Do not use personally identifiable information for passwords
- Enable two factor authentication
- Use a password manager
This is solid, practical advice and essentially the core of Azstec’s recommended best practices for document and email security.
Am I at risk if I use Teamview?
If you have been using TeamViewer to access your company’s computers and you haven’t changed your passwords recently, then, yes, your security is at risk. We recommend you change your passwords NOW and make sure you’re using “strong” passwords.
Are you at risk if a third party recently did a “screen share” with you or you had a tech support engineer control your system? No, not if you properly shut down TeamViewer at the conclusion of the session, aren’t allowing TeamViewer to run unattended, and, of course, have recently changed your passwords.
If you use TeamViewer, it’s recommended to only run it when you need to rather than letting your machines automatically load it at startup. If you have to leave TeamViewer running (for example, where you need “any time” access a remote, unattended machine), make sure you log out of the application at the end of your TeamViewer session.
The importance of password management
We’ve written about password management best practices in our presentation, Azstec’s Seven Cybersecurity 2016 Must Do’s, and in greater detail in our article, Passwords: The first line of Cyber Defense. Whatever else may be going on with the TeamViewer hijacking case, the event highlights how crucial it is to have a cohesive and effective password strategy in place.
TeamViewer users are STRONGLY RECOMMENDED to change their account passwords immediately and then regularly (at least quarterly) thereafter and, of course, to NOT use the same credentials across multiple sites. You can generate and check passwords using the Azstec Password Genius.
Azstec’s security strategy for small and large businesses is simple: Encrypt, encrypt, encrypt. When everything is encrypted with strong, well-managed passwords, you minimize the risks from hacking attacks and data leakage. This is why we built docNCRYPT™, the premier document and email encryption solution that allows you to confidently communicate with your customers in a safe and secure manner. If you are concerned about email and document security, check us out at azstec.com.
When not beating the drum about document security David Griffith is the CEO of Azstec LLC, the creators of docNCRYPT, the incredibly simple document and email security solution for everyone. If you have any comments or questions, email David at dgriffith [at] azstec.com and follow the Azstec Blog or on Twitter or LinkedIn.
Be the first to comment on "TeamViewer Accounts Hijacked. Are You Doomed?"