How to Stop Microsoft from Using Your Bandwidth to Send Updates to Other Computers on the Internet

If you upgraded to Windows 10, Microsoft might be using your computer and Internet connection to send Windows updates and even applications to other computers on the Internet. The Windows Update Delivery Optimization (WUDO) feature is what makes this possible.

When WUDO is enabled, the following occurs:

  • Your computer will receive updates and applications from other computers besides getting them from Microsoft.
  • Your computer will send updates and parts of applications that it downloaded through WUDO to other computers.

To a limited degree, you can choose which computers are involved in sending and receiving updates and applications. You have two options. One option is to keep the exchange limited to computers in your local network. This can reduce the amount of bandwidth needed to keep those computers up-to-date, according to Microsoft. The other option is to let the exchange occur between computers in your local network and computers on the Internet. This option is designed to help people who have a limited or unreliable Internet connection, notes Microsoft.

WUDO is enabled by default. It is set to allow computers in your local network and on the Internet to send and receive updates and applications. If you are not okay with these settings, here is how to change them:

  1. Click the "Start" button and select "Settings".
  2. Select "Update & Security".
  3. Choose "Windows Update" in the left pane.
  4. Click "Advanced options" in the right pane.
  5. Select the "Choose how updates are delivered" option.
  6. If you want to disable WUDO, move the on/off slider to "Off".
  7. If you do not mind the computers in your local network sharing updates and applications, keep the slider to "On" and select the "PCs on my local network" option.

Defending Against Cybersecurity Threats in Your Hotel Room

This July 4th weekend according to AAA is going to be the busiest ever.  A projected 43 million Americans will pack their bags to celebrate the 4th.  Being on the road is typically a stressful affair. Travelers have to worry about making their flight connections or booking reservations to a hotel or restaurant. Just being in an unfamiliar area can make some people anxious. Unfortunately, when sorting out these issues, some travelers don't think about the cybersecurity threats that they may be facing.

Many businesspeople use public Wi-Fi networks when on the road. This practice is particularly unsafe, since hackers can use fake hotspots to break into their targets' computers. Even when a network is legitimate, hackers can still spy on a target's web connection, hijack their data, and infect their computer with malware.

Many hackers have begun to focus their efforts on hotels, since they are typically full of traveling executives. These businesspeople are considered to be high-value targets since they may possess access to company bank accounts or sensitive information. Experts have already uncovered a number of sophisticated cyberattacks that targeted hotels and their guests.

Examples of Cybersecurity Threats in Hotels

Kaspersky Lab, one of the world's leading cybersecurity firms, announced in November 2014 that it had discovered an advanced cyberthreat that targeted several luxury hotels. The threat, which the firm called "Dark Hotel," went unnoticed for 7 years before being uncovered by Kaspersky. Although the attacks were predominantly focused on East Asian countries, researchers discovered instances in the US, Germany, and Ireland as well.

Each Dark Hotel attack began with hackers compromising a hotel's Wi-Fi network. After a guest at the hotel connected to the compromised network, the hackers offered them "updates" to well-known software like Adobe Flash Player. These "updates" contained malware that allowed the hackers to take control of the guest's computer. The malware also included a keylogger program that the criminals used to steal usernames, passwords, and other important pieces of information. They also used phishing techniques to spread their malware, specifically by sending malicious email messages to governmental and nonprofit organizations.

These attackers were quite skilled, as evidenced by the fact that they used previously unknown vulnerabilities in major applications. They were also very careful about not getting caught. Their malware was designed to remain inactive for 6 months after infecting a computer. This made it very difficult to discover. It also had a self-destruct protocol, so researchers would have trouble studying it after detection.

Attackers can also use hotels' vulnerable IT equipment as part of their attacks. These vulnerabilities can be very severe, as the Cylance cybersecurity firm showed in March 2015. The company announced that it had discovered a major vulnerability in a popular network router used by hotels and convention centers around the world. Hackers could have exploited this vulnerability to compromise a hotel's Wi-Fi network, and infect any computers connected to the network with malware capable of stealing data and personal information. The router's manufacturer quickly released a patch that fixed the problem, but the case demonstrated just how insecure hotels' Wi-Fi networks can be.

Compromised wireless networks are not the only cybersecurity threats that one can find at a hotel. Infected computers also represent a serious threat to travelers' online safety. One case in Dallas, Texas, was so severe that the US Secret Service and the Department of Homeland Security had to publish a warning about the threat. The case involved hackers that used keylogger programs on the public computers in the business centers of several major hotels in the area. The authorities noted that even though the attacks required relatively little skill, the hackers were still able to successfully steal a large amount of data, including guests' personally identifiable information (PII) and the login credentials to their online bank accounts.

How to Protect Your Computer When Traveling

The Dallas attacks show just how important it is to avoid online banking on public computers or unsecured Wi-Fi networks. Travelers are especially guilty of breaking this rule while on the road, with many of them connecting to public wireless networks in airports, coffee shops, convention centers, and hotels.

If you need to access your email inbox while traveling, create a throwaway email address and use your smartphone to forward the relevant message or messages to the throwaway email address. This lets you keep your regular email account safe from hackers.

When traveling, make sure that your computer doesn't automatically connect to unknown Wi-Fi networks. Similarly, avoid visiting any websites that are not secured by HTTPS. The encryption provided by this communications protocol protects web traffic from hackers. You can also use a virtual private network to encrypt your web traffic.

You should be using multi-factor authentication measures as well. These tools require you to use multiple forms of identification — such as your password, your fingerprint, or a code sent to your smartphone — in order to access your accounts. This ensures that even if a hacker manages to steal your passwords, they still won't be able to get into your accounts.