Latest Posts

Latest Comments


Protect yourself against the UK cyber attack


Posted by |

Unless you’ve had your head in the ground, you can’t have failed to have heard that the UK could be the target of the biggest cyber attack ever in the forthcoming week or so.

British investigators have been working with the FBI to trace the hackers behind the infamous GOZeus and CryptoLocker botnets. While the enforcement team has managed to temporarily disrupt the botnets, they estimate that between 500,000 and one million machines have already been infected worldwide. It’s thought that the criminals behind the scam, which enables them to gain access to personal bank details, have defrauded people out of more than £60m worldwide.

But bringing down the botnets isn’t the end of it. According to the UK’s National Crime Agency, people have just two weeks before the botnets could be functioning again. The agency is urging people to protect their computers from an expected and “powerful computer attack.”

GOZeus and CryptoLocker are among the most sophisticated examples of advanced malware around. Both have been created to defraud and steal money from their victims, using two different mechanisms:

GOZeus is financial malware: once the victim is compromised the malware is resident on the user’s computer. It observes and records information such as bank account and credit card details. The stolen data is used by the attacker to illegitimately withdraw money from the victim’s account.

CryptoLocker is ransomware: Once the endpoint is compromised, the malware encrypts the hard disk of the infected computer, making it inaccessible to the legitimate owner. In order to decrypt the hard disk and retrieve the data, the victim must pay a ransom.

The issue for businesses is that while GOZeus is typically aimed at end-users, CryptoLocker could have huge ramifications for organisations. Imagine the impact of fraudsters obtaining access to a corporate server or storage disk and holding that data to ransom? That’s not to say that organisations can ignore the threat of GOZeus, the opposite is true – any company whose users access the network with a personal device is at risk.

So what can you do to ensure that you’re not a target or a victim of the UK’s largest cyber attack? There are some simple remedial actions that you can take now.

  1. Beware of emails similar to the one below, claiming an unpaid invoice. Opening the link will download the malware
  2. Ensure your operating system is up to date with latest patches applied
  3. Ensure your anti-virus product is functioning properly and signatures are up to date
  4. Ensure other windows applications such as Adobe, Java and your browser are up to date
  5. Backup any critical data on your laptop to protect against CryptoLocker ransom malware
  6. Consider scanning your entire network for advanced malware. Redcentric customers can rest assured that we can undertake this for them
  7. Be wary of email from untrusted or unrecognised senders and do not run attachments or click on URL’s
  8. Additional advice can be accessed from www.getsafeonline.org a government approved website. You can download free scanners from major vendors to scan PCs to detect the presence of malware
  9. Check bank statements regularly and notify your bank immediately of any unrecognised payments
  10. Ensure any online banking activity uses two-factor authentication

malware email image

Whether you’re a company or individual, two weeks warning is ample time to ensure that you and your technology is protected. Let’s stay ahead of the scammers and ensure you’re not a target. Until the next time at least...



Post a comment

Comment submitted! Comments needs approval before being displayed.