A backdoor is alternative access to a software or hardware system that bypasses normal access protection. A backdoor can be used to bypass the security mechanisms of hardware and software. The access may be intentionally implemented or secretly installed.
What Is a Backdoor Attack?
In the IT environment, a backdoor is an alternative access method to programs or hardware systems bypassing the usual security mechanisms. It can be intentionally installed by a programmer or secretly installed by a malware. Trojans are often used to install a surreptitious access method.
Manufacturers of IT systems use implemented backdoors to gain access to a device for service or repair purposes. For example, forgotten master passwords can be reset. Deliberately implemented backdoors pose a security risk because the existing security mechanisms can be bypassed by knowing the secret access. Backdoors are often used in conjunction with Trojans and computer viruses to gain unauthorized access to a computer.
Differentiation of a backdoor from a Trojan horse
The terms Trojan and backdoor are often mentioned in the same context. However, their functions are clearly distinguishable. While a Trojan is a piece of software that disguises itself as a useful program but in reality performs other functions, the backdoor provides alternative access to a system.
Trojans are used by hackers and cybercriminals to install a backdoor on a computer without the user’s knowledge. The Trojan is virtually the auxiliary tool for the attacker to gain unauthorized access. Once the backdoor is installed on a computer, the actual Trojan is superfluous for gaining access to the system.
Hybrid forms of Trojan and backdoor also exist. In these, the Trojan opens the backdoor only for the time period in which it is executed. After the Trojan software is terminated, the backdoor is no longer available.
Protective measures against a backdoor
Depending on the type of Trojan, there are several ways to protect computers or software from a backdoor. If Trojans are used to install backdoors, regularly updated virus programs and responsible use of third-party software offer good protection. Unknown e-mail attachments, in particular, should be treated with suspicion, as e-mails are a popular medium for spreading Trojans.
The software on the computer and its network traffic should also be subjected to regular scans. A firewall function provides protection against backdoor access via network connections. All software on a computer must be updated regularly and patches must be applied promptly.
Programs based on open source software can be checked for implemented backdoor mechanisms with the appropriate knowledge. Developers of such software are unlikely to succeed in building secret backdoors and access points into the code.
Examples of backdoor
A very well-known example of a backdoor was implemented in some BIOS systems. In these, access was possible with the password “lkwpeter”. Alternative access methods can also be found in various network components, such as routers. For example, various devices from American network hardware manufacturers are said to contain backdoors for the US secret services.