Last month, or rather last year, December 2017, and this month, January 2018, I was away on holiday driving from England to Europe and back again. I am always on the lookout for poor physical and cyber security. At a top German tourist sight, I spotted this and couldn’t resist taking a photo.
In a very public place was a large screen running XP with a TeamViewer window open. TeamViewer is a very well-known remote control product, and it usually authenticates with a unique ID plus a password or numerical PIN. If I were malicious I could have downloaded the TeamViewer app, entered the nine-digit ID and, if I were lucky, the screen would display the PIN or password. If not, a simple call to the tourist office could provide it – social engineering.
On so many occasions I have seen screens in public areas running Windows and displaying interesting information. If the computer were compromised, someone could pivot to other computers, steal customer information and more. TeamViewer can control computers, view their screens, transfer files and a lot more. Think of it as a “legal” remote access trojan if used incorrectly.
TeamViewer, like anything, may be “secure”, but if configured poorly it is not.
How do you improve this scenario?
Use a strong, unique password per host (ideally, though this may be hard to manage), restrict connections by IP address and controller ID, hide everything but what the public should see and, of course, move away from XP!
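Restricting by controller ID is only useful if somebody checks that the restriction holds. As an added example (not from the original post, and not TeamViewer's own tooling), the script below audits a connection log against an allow list of controller IDs and flags sessions that fall outside business hours or that transfer files. The tab-separated layout is an assumption modelled on TeamViewer's `Connections_incoming.txt` (controller ID, display name, start, end, local user, connection type, session GUID); the IDs, names, times and the `FileTransfer` type string are constructed for the example.

```python
import re
from dataclasses import dataclass
from datetime import datetime

# Constructed sample lines. The tab-separated layout is an assumption
# modelled on TeamViewer's Connections_incoming.txt; every value is made up.
SAMPLE_LOG = """\
123456789\tHelpdesk-PC\t03-01-2018 09:15:02\t03-01-2018 09:32:41\tkiosk\tRemoteControl\t{11111111-2222-3333-4444-555555555555}
987654321\tunknown-laptop\t04-01-2018 23:47:10\t04-01-2018 23:51:03\tkiosk\tRemoteControl\t{66666666-7777-8888-9999-000000000000}
123456789\tHelpdesk-PC\t05-01-2018 10:02:55\t05-01-2018 10:04:12\tkiosk\tFileTransfer\t{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}
"""

# Constructed allow list: the only controller that should ever connect.
ALLOWED_CONTROLLER_IDS = {"123456789"}
# Hours (local time) during which support sessions are expected.
BUSINESS_HOURS = range(8, 18)
TIMESTAMP_FORMAT = "%d-%m-%Y %H:%M:%S"


@dataclass
class Session:
    controller_id: str
    name: str
    start: datetime
    end: datetime
    local_user: str
    kind: str
    session_id: str


def parse_connections(text: str) -> list[Session]:
    """Parse the tab-separated connection log into Session records.

    Malformed lines raise rather than being skipped, so a truncated or
    tampered log is noticed instead of silently producing fewer sessions.
    """
    sessions = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split("\t")
        if len(fields) != 7:
            raise ValueError(f"unexpected field count in line: {line!r}")
        cid, name, start, end, user, kind, sid = fields
        # Controller IDs are numeric; nine digits in the post, ten on newer installs.
        if not re.fullmatch(r"\d{9,10}", cid):
            raise ValueError(f"malformed controller ID: {cid!r}")
        sessions.append(Session(
            controller_id=cid,
            name=name,
            start=datetime.strptime(start, TIMESTAMP_FORMAT),
            end=datetime.strptime(end, TIMESTAMP_FORMAT),
            local_user=user,
            kind=kind,
            session_id=sid,
        ))
    return sessions


def audit(sessions: list[Session], allowed: set[str],
          business_hours: range) -> list[tuple[Session, list[str]]]:
    """Return (session, reasons) for every session that deserves a look."""
    findings = []
    for s in sessions:
        reasons = []
        if s.controller_id not in allowed:
            reasons.append("controller ID not on allow list")
        if s.start.hour not in business_hours:
            reasons.append("started outside business hours")
        if s.kind == "FileTransfer":
            reasons.append("file transfer session")
        if reasons:
            findings.append((s, reasons))
    return findings


if __name__ == "__main__":
    for session, reasons in audit(parse_connections(SAMPLE_LOG),
                                  ALLOWED_CONTROLLER_IDS, BUSINESS_HOURS):
        print(f"{session.start:%Y-%m-%d %H:%M} {session.controller_id} "
              f"({session.name}): {'; '.join(reasons)}")
```

Run against the constructed log, the second session is flagged twice (unknown controller, late at night) and the third once (a file transfer from an otherwise trusted controller). Pointing the parser at a real log is a matter of swapping `SAMPLE_LOG` for the file contents; the allow list and business hours are the two policy knobs a site would set to match its own support arrangements.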