High-tech criminals are targeting government and private sector organisations around the world, a UK government security outfit is warning. The National Infrastructure Security Co-ordination Centre (NISCC) has taken the unusual step in the UK of issuing a public warning to businesses to update the security of their computer systems to fend off
a wave of highly sophisticated e-mail Trojan attacks.
The NISCC identified nearly 300 UK government departments and businesses, which are critical, to the country’s infrastructure that have been the subject of Trojan horse attacks, which is believed to have originated in the Far East.
According to reports, the attacks could be the work of a single gang, which has so far attacked more than 50 countries across the globe. The gang is reportedly targeting major financial centres in different regions.
The Trojans are delivered to target organisations either via e-mail attachments or through links to web sites and can then be used by remote hackers to steal information and potentially launch further attacks. Once opened, an infected attachment can give attackers control over the machine, with the Trojans being used to collect user names and passwords, scan drives for documents, send data back to remote computers and launch
attacks on other machines.
The scale of these attacks appears to be increasing as well. Security firm Sophos, which has been advising the NISCC, said it has seen a threefold increase in the number of keylogging Trojans alone in the last year.
“We see more than a dozen new pieces of malware capable of stealing highly valuable and sensitive information every day,” said Carole Theriault, security consultant at Sophos. “Trojans, which allow unauthorised remote access to a computer, pose a serious risk to all businesses. While it’s worrying that the UK’s critical infrastructure could be at risk, this also serves as a reminder to all businesses that they must keep their systems secure to avoid confidentiality leaks. Every computer used for business must
be protected with up-to-date antivirus software and a firewall.”
“Malicious code is increasingly being written not just to cause a nuisance, but to steal money — whether targeting individual users of online banking or massive global corporations and government institutions,” she added.
The NISCC, which is part of MI5, has issued a number of guidelines for users to help avoid the attacks. Companies are being advised to ensure that their antivirus systems are up-to-date, make sure that they have the latest security patches and make sure that their
firewalls are properly configured to block unauthorised attempts to connect to their networks.
However, it is warning that these measures do not give complete protection: “There is no complete mitigation for computers connected to the internet,”it said in a report. The NISCC also said it is has been co-operating with agencies in other countries across the globe to block the attacks and to take down sites that could be used to distribute the Trojans.
