Sign in / up

back to article TeamViewer says Russia broke into its corp IT network

TeamViewer says it was Russian intelligence that broke into its systems this week. Yesterday, the remote-desktop software maker said it detected an "irregularity" within its corporate IT network on Wednesday without adding much more detail. Now it says, with the help of outside cybersecurity investigators, it reckons Russia's …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Khaptain Silver badge

    Heart attack material

    This is an extremely stressful situation for anyone that uses TeamViewer in a professional context as it's one of those tools that allow you to connect with full admin rights to a server/users machine when required.

    On a daily basis it's a tool which allows you to gain a plexitude (an exposant of multitude) of time when dealing with offsite serveurs/users and nothing, absolutely nothing, is more important than ensuring that security is absolute.

    If they have been hacked we have to consider the potential that we can be also hacked, with full admin rights according to the case, and the alternatives are not in the plenty.

    We have 2FA activated and have changed our passwords but we are in doubt, serious doubt about continuing..

    If someone can offer a better solution, ( please don't suggest SSH as an alternative, SSH has it's place but not for all occasions), we are all ears.

    8 3 Reply
    1. DoContra
      Reply Icon

      Re: Heart attack material

      There are quite a few self-hosted TeamViewer "clones" (one such alternative, not yet used by me), although depending on your needs, you may need a beefy server/network connection (you're live-encoding video).

      5 0 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Heart attack material

      Teleport is a good option.

      goteleport.com

      2 0 Reply
    3. diodesign (Written by Reg staff) Silver badge
      Reply Icon

      Re: Heart attack material

      On a personal level, some of my extended family use TeamViewer to remote-fix PC problems, saving a multi-hour trip and back in person to relatives.

      I'm sure the Russians aren't interested in my in-laws' emails but still, it's sub-optimal.

      C.

      9 0 Reply
      1. big_D Silver badge
        Reply Icon

        Re: Heart attack material

        On the other hand, companies with hundreds or thousands of clients all running TV, that is a tempting target...

        0 0 Reply
    4. Anonymous Coward
      Reply Icon
      Boffin

      Re: Heart attack material

      > .. anyone that uses TeamViewer in a professional context ..

      Working with SSH Servers, Clients, and Keys

      1 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: Heart attack material

        Sure, I'm sure every user they want to provide desktop support to will be willing/capable of setting up a secure SSH connection before they receive any IT help. TeamViewer has its uses, unattended access to servers isn't it.

        7 1 Reply

    5. This post has been deleted by its author

  2. cosmodrome

    So Teamviewer has been moving from security hole to security hole for years. But this time they're not to blame because "the Russians did it". Funny, how all the usual suspects all have turned from jerks who don't want to smaller their profits by selling well-tested and secure products when they'll can just leave their customers with the damage and walk away into concerned victims of "state-sponsored" supervillains, "nation backed" "APT" and other invincible attackers. Of course they're not to blame, it was the Rrrussians *gasp* after all. Now we need to pay extra tax money to help those poor tech bros covering their asses (while still selling unsafe software for lots of cash).

    But even if it really were the Rrrussians *gasp* Teamviewer et. al. still are to blame beause the fucking let them in! Even double so. And do you know who else is to blame? You. Because you knew all that and you knew there are better -but less comfortable- alternatives and still used known to be unsafe software as someone admitted above.

    Funniest thing is that the Russians (no, really) might destroy software safety even without doing anything at all as long as everyone gets away with blaming them. That's what I call a viscious enemy - annihilating by their sheer existence. We're doomed! Doomed!

    5 6 Reply
    1. Zolko Silver badge
      Reply Icon

      We have always been at war with Oceania

      Some years ago everything bad was blamed on Ben Laden, do you remember ? And after him it were the Taliban, then Saddam Hussein. Today it's Putin. The next universal baddie will be the Chinese president, you read it here first.

      3 4 Reply
      1. Casca Silver badge
        Reply Icon

        Re: We have always been at war with Oceania

        And you defend them all...

        4 0 Reply
    2. seldom
      Reply Icon
      Facepalm

      Strange how these Russians/Chinese/Iranians/enemy of the day have the programming capabilities to attack all these systems but aren't capable of hiding where they did it from. I assume hiding the origin of your packets is really hard. And it's impossible to rent a server in a different country.

      Gosh, these commies/ayatollas must be really stupid.

      Thank goodness that we have PR departments (staffed by the best white-hat hackers) who can tell us that, even though the IT department can't defend the company from Cyber-attacks, PR know who did it.

      2 1 Reply
  3. Anonymous Coward
    Anonymous Coward

    All those scammers hacked?

    Oh noes... the software designed for use by scammers got hacked?

    TeamViewer should rot in the hot place.

    4 4 Reply
  4. wyatt

    We've used it, not as much as we use to. We made it clear that it is the customer's responsibility to enable and disable as needed- their choice if they want to secure the access.

    Many never allowed it, bet they're smug now!

    1 0 Reply
    1. Yorick Hunt Silver badge
      Reply Icon

      All of my customers know that I'll nuke any machine I find TeamViewer installed on.

      They're welcome to fire up TeamViewerQS (QuickSupport) on an as-needed basis when they need support from equipment vendors, but actually installing it is a BIG no-no.

      If they need perpetual remote access to their machine, there're a myriad far safer solutions that I'm only too happy to install/configure for them.

      3 2 Reply
  5. Charles Bu

    How to win friends and influence people...

    ...by Vlad "the Impaler" Putin.

    3 3 Reply
  6. The Dogs Meevonks Silver badge

    Stopped using them about 4yrs ago

    They turned into a really shitty company that tried to force people into paying hundreds for their 'free, non commercial' license or force them off their platform entirely.

    I used them to support my elderly mum and my sister, both of whom were at least a 40-60 min drive away.

    They pulled the same old shit that every remote desktop company pulls after they get a little too big for their boots... 'We think you're a commercial user and you must pay' there's no way to actually get a response from them to confirm that you're not... no way to whitelist your account either.

    So they allow you to disconnect and then disconnect you 30-60s later... over and over again until you either cough up hundreds for a license for software you use a few times here and there... or force you to find an alternative.

    So find an alt I did... and I switched to anydesk.

    Guess what 'anydesk' have just started doing.... trying to force you into paying for a license for their 'free, non commercial use'... same exact method being employed... claim you can whitelist, but refuse to respond when you do exactly that. Let you connect after a 100s delay and then immediately gives you another 100s delay after you've connected.

    This is the third time a company has done this to me for their 'free' tier that I use to support an elderly woman and a disabled sibling.

    So a few weeks ago, I switched to rustdesk, which is an open source solution and does everything I need for free, forever and you can setup your own server/instance and not have to rely on some arsehole corp who lies through their teeth to try and con people out of money.

    The simple thing to do... would be to say 'We're removing the free tier for non commercial use and replacing it with a simply £25 a year subscription' because I'd have actually paid for it... Instead they opt for the 'Fuck you, fuck off or pay us hundreds for a license you'll never use more than a few times a year.'

    The result... i shit talk them at every opportunity and point people towards actual free alternatives like rustdesk.

    12 0 Reply
    1. Roland6 Silver badge
      Reply Icon

      Re: Stopped using them about 4yrs ago

      > and I switched to anydesk.

      Had to install this as it was what a supplier used. It got removed asap when my blocked access to their online banking. Support said Anydesk was frequently used by scammers, hence why they block access when encountered.

      4 0 Reply
      1. The Dogs Meevonks Silver badge
        Reply Icon

        Re: Stopped using them about 4yrs ago

        It's been removed from 2 systems... when I next visit the sister in a few weeks... it will be removed from hers and rustdesk isntalled. It doesn't need to run at startup... only when they're having issues and I can use the single use password option they'd have to give me over the phone before I can connect.

        I have to have it 'always' on for mum and she can't understand technology... and simple instructions like 'double click on this specific item' means do everything EXCEPT the specific instruction and then ask... why is firefox/email open or where is it a hundred times... then 'what's the desktop?' then I can't find it at all, it's not there... for 20 mins.

        Even when I'm standing next to her talking her through something... and say something like... click once on the 'shopping basket' button.... she can't see the MASSIVE largest ORANGE button marked 'BASKET' in the middle of the screen. and only finds it after I'm literally touching the screen with my finger... and then clicks on it 10 times because it doesn't respond in 0.1 pico seconds.

        If I had my way... I'd take it away from her.

        and don't get me started on her phone... or how she's managed to royally fuck it up by installing garbage games and giving every permission to everything so that I can't fix it and have to do a factory reset... and then I get accused of deleting everything because she can't see her chats in whatsapp and assumes I've deleted her contacts.... cannot fathom out what a factory reset does and that her contacts are there... she just needs to talk to them.

        Sorry... rant over.

        Just dealt with some of her shenanigans this very morning and it frustrates the hell out of me.

        0 0 Reply
  7. Zolko Silver badge

    Is there something that Putin is not responsible for ?

    Today we planned to have a BBQ with friends but there will be heavy rain this evening : I'm sure it's Putin's doing, that bastard !

    8 5 Reply
  8. trindflo Silver badge

    If there is one silver lining

    At least someone knows how to keep their corporate and production systems separate

    4 0 Reply
  9. Anonymous Coward
    Anonymous Coward

    Hmm. I wonder if the Y-12 nuclear weapons plant is still using them.

    They used to.

    0 0 Reply
  10. Anonymous Coward
    Anonymous Coward

    Remote access software

    Just say no kids (and grandma)

    0 0 Reply
  11. ritmo2k

    Russia, Russia, Russia...

    1 1 Reply
  12. Anonymous Coward
    Anonymous Coward

    Hello, we’re a technology company

    And we need outside help with cyber security

    Brilliant

    Stupid is as stupid does

    It’s akin to a country not having a fire department

    1 1 Reply
    1. xanadu42
      Reply Icon
      Facepalm

      Re: Hello, we’re a technology company

      Based on recent reports about security failures from many of the "major players" cyber security is the least of their concerns ...

      ... until someone else notices the failures...

      0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like