alexander7

@shawcable.net

Is my office the subject of an attack?

Recently three of the four computers at my office have died after experiencing several days of crashes, freezes, etc.

My question is, could this be the result of an attack through my modem/router combo (SMCD3GN provided by Shaw)?

Here's a bit of a back story to explain why I feel this is a possibility:

My company is involved in a lawsuit in which we (the plaintiffs) have a lot to gain and which the defendants have a lot to lose. The case is probably about 95% in our favour.

Recently, the company with which we are involved in litigation brought a defamation case against us. This case had to do with alleged defamatory posts made on online forums. The company was able to get a court order to see which IP address made the posts in question. They were then able to get a second order to see who that IP address belonged to, and, of course, it said it was us. While some of the posts made on the online forum under specific aliases were in fact us, the ones that were truly defamatory in nature were definitely not us.

Is it possible that this company was able to hire a firm to hack into our router to make posts from our IP, and then eventually cause our computers to crash?

Thank you!



Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
kudos:13

1 recommendation

said by alexander7 :

Is it possible that this company was able to hire a firm to hack into our router to make posts from our IP, and then eventually cause our computers to crash?

Only in a bad movie. Otherwise, no.

Cudni
--
"what we know we know the same, what we don't know, we don't know it differently."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2012/13

nonymous
Premium
join:2003-09-08
Glendale, AZ
reply to alexander7

You would need someone with on site access to the computers to really tell you what the problem is.
Hacking through a secure router is near impossible. Now, sending someone an email and making them open up an attachment that is enticing to open, maybe. There is more than one way to gain access to things.
Thing is, depending on what you mean by crashing, you may have just had a large power surge take down everything. That is, say, not even booting up or any lights on, etc.
Without more info we would just be guessing.



Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable

1 recommendation

said by nonymous:

You would need someone with on site access to the computers to really tell you what the problem is.


Absolutely.
If the stakes are high enough, buy, rent or lease some forensic computer security expertise.

said by nonymous:

Hacking through a secure router is near impossible. Now sending someone an email and making them open up an attachment that is enticing to open maybe. There is more than one way to gain access to things.

I'll toss a good ole fashioned physical break-in into the mix.

redwolfe_98
Premium
join:2001-06-11
kudos:1
Reviews:
·Time Warner Cable

1 edit
reply to alexander7

alexander, i hope you manage to get things straightened out..

it is possible that someone could do things with your computers by remote control if certain types of malware were on your computer..

also, if your network has "wifi" and it is not secure, i have heard of cases where people have "hacked" the wifi and then done malicious things with the person's computer just to get them in trouble.. here is one example, but i also have heard of other similar cases:

»www.wired.com/threatlevel/2011/0···om-hell/


HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to alexander7

said by alexander7 :

Recently three of the four computers at my office have died after experiencing several days of crashes, freezes, etc.

said by alexander7 :

Is it possible that this company was able to hire a firm to hack into our router to make posts from our IP, and then eventually cause our computers to crash?

Personally, I fail to see what one has to do with the other, but I'll bite.

a) crash / freeze / etc. can be the symptoms of anything from failing hardware to faulty software, up
to attempt(s) to hack the computer itself. In order to prove it, I'd seek out a professional cybersecurity / auditing
firm to make that determination. Anything below that is speculation / grasping at straws, plain and simple.

b) IP address(es) are NOT proof of identity from an IT perspective, I'll give you four letters why -- DHCP.
I'll save the lawyering aspects for those better versed in that, nor do I have any sort of training / experience
in the legal aspects of that statement.

Sounds like you're in quite a pickle alexander7, and I don't envy you one bit. I sincerely hope the legal team
you got working on this has at least SOME grasp of IT AND experience with IT / cybercrime, otherwise
all you and the other party will end up with is a bunch of manure on each other's faces at the end of it.

My 00000010bits

Regards

TheMG
Premium
join:2007-09-04
Canada
kudos:3
Reviews:
·NorthWest Tel

1 recommendation

reply to nonymous

said by nonymous:

Hacking through a secure router is near impossible. Now sending someone an email and making them open up an attachment that is enticing to open maybe. There is more than one way to gain access to things.

Indeed. Social engineering is a very popular method these days. It's so effective and so much easier than hacking your way in!

After all, the weakest link when it comes to IT security is usually the end users.


ohlawdy

@telus.net
reply to alexander7

People have scanned their local cable internet area neighbors and abused vulnerabilities in a gateway unit. So do some forensics on your gateway. Hopefully the access logs are still there in it if it was attacked.

Check the firmware number to be sure it's Shaw's firmware and not a hacked version installed by a hacker. Hacked firmware can help assist the unit upload a virus to connected computers.

How a vulnerability can be in a cable internet gateway:
»www.cvedetails.com/vulnerability···cr-.html

A poorly made firmware update can also set a gateway to default settings, resulting in it being wide open. Rogers may have had that happen a while back.

Also cloning a cable modem's MAC to be able to impersonate it, as the ISP's system doesn't know which exact address the modem is actually transmitting/receiving from.