Lenovo (formerly IBM), the world’s largest PC manufacturer, was recently found to have been secretly installing spyware in all the new computers it has sold for at least the past six months. The software, known as “Superfish” after the company that created it, disrupted the security mechanisms used by those computers to securely connect to the Internet.
By hiding this spyware on the machines it sold, Lenovo had the ability to force buyers to see its own ads on websites instead of ads shown by competitors. Lenovo has claimed that it used Superfish to “improve [its customers’] shopping experience in a novel way”. It has also said that the software was “opt-in”, meaning that users had to choose to enable it. Yet Lenovo has been unable to point to any step in the process of buying or starting up one of its new computers where users were prompted to install or use the Superfish software.
Superfish, then, seems to have been installed without its users’ knowledge or consent. Worse, Superfish permits hackers to access infected machines with little effort and intercept secure traffic. Because of the way Superfish works, users of infected machines would have no way of knowing that their supposedly secure connections were not secure at all.
Unfortunately, it appears that the Superfish software was installed on millions of new computers sold in the past few months and, unless buyers take action to remove it, will remain on those machines indefinitely. Although Lenovo has shut down the Superfish servers so that users will no longer see extra ads in webpages, the security problems introduced by Superfish will leave these machines vulnerable to attack unless and until their users manually fix the issue. The encryption on the Superfish software itself used a weak password that was cracked immediately, and hackers are no doubt already working on ways to exploit the vulnerabilities introduced by Superfish.
Since this issue came to light, Lenovo has stopped installing Superfish on its new computers, and is now offering a removal tool for affected machines. Several antivirus packages, such as Microsoft’s Windows Defender and McAfee’s Antivirus Plus, have also been updated to remove Superfish.
The Technology Law attorneys at Helmer, Conley & Kasselman, P.A. recommend that anyone with a Lenovo computer test to see if their computer is infected with the Superfish malware. If so, users should immediately use Lenovo’s removal tool to wipe out Superfish and its related security vulnerabilities. And of course, be sure to regularly use Windows Update on all your computers to keep them up to date with all the latest security updates from Microsoft.
Security problems like the Superfish spyware infection and the recent Anthem data breach will continue to plague businesses large and small in our digital future. If you are concerned about your business’s security exposure, or you have suffered a data breach, contact the technology law attorneys at Helmer, Conley & Kasselman, P.A. for immediate assistance. We can help you understand electronic security and take the appropriate steps to protect your data and to prevent and respond to attacks.