Backdoor

The term translates as ‘backdoor’ and refers to an alternative means of accessing software or a computer. A backdoor may be built into a programme by a legitimate software manufacturer, for example to allow access to the programme on behalf of the customer in the event of a forgotten password. As malware, a backdoor allows cybercriminals to access a computer or network. They can thereby control a computer, lock it, encrypt its data, manipulate inputs or spy on it. A backdoor program often enters the system via a Trojan horse.

What exactly does the term ‘backdoor’ mean?

• Even if a backdoor in legitimate software has practical uses, it still poses a security risk.
  A backdoor program can be installed alongside a Trojan horse or disguise itself as a Trojan horse. Therefore, security measures designed to prevent Trojan horses are also effective against backdoor programs.
• If a Trojan horse has installed a backdoor programme, the latter remains active even if the Trojan horse is detected and removed.
• Even for experienced programmers, finding a backdoor in a piece of software’s source code can be difficult. In line with the principle that many eyes make a good pair, open-source software is considered more secure in this respect (though not completely secure!), as it is scrutinised by many programmers.

Where do I come across backdoors in my day-to-day work?

By opening a malicious email attachment, you may unwittingly install a backdoor program on your computer. This may initially go unnoticed, for example if the program is designed to spy on data and password entries. Or if it sets up a backdoor for a blackmail attack that takes place at a later date.

What can I do to improve my security?

• Many measures designed to improve cybersecurity also help to prevent the installation of backdoor programmes. These include:
  Using an antivirus programme that is kept up to date
• Only install software and updates from verified sources; if necessary, visit the manufacturer’s website manually
• Exercise extreme caution when dealing with emails, particularly with regard to links and attachments contained therein
• Use a firewall to prevent access to any backdoor that may exist.