Below the recommendations provided by the alert: The FBI alert warns of the abuse of desktop sharing software like TeamViewer, threat actors could abuse them access target network once obtained the login credentials of its employees. “TeamViewer’s legitimate use, however, makes anomalous activity less suspicious to end users and system administrators compared to typical RATs.” “Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” states the FBI’s PIN alert.
The alert urges organizations to review internal networks and mitigate the risks posed by the above factors. The hackers remotely gained access to a software program, named TeamViewer, on the computer of an employee at the facility for the town of Oldsmar to gain control of other systems, Sheriff Bob Gualtieri said in an interview.” reported the Reuters. The investigation into the incident revealed that operators at the plant were using out-of-date Windows 7 systems and poor account passwords, and the desktop sharing software TeamViewer was used by the attackers to breach the network of the plant. The alert comes after the recent attacks on the Oldsmar water treatment plant’s network where attackers tried to raise levels of sodium hydroxide, by a factor of more than 100.