British investigators had been working with the FBI in an attempt to track the perpetrators of a series of on-going attacks and had succeeded in temporarily disrupting the botnets responsible for spreading the malware. However, the UK National Crime Agency (NCA) then announced the system could be back up and functioning within a fortnight, urging users to prepare for a ‘powerful computer attack’.
Behind the headlines
This was certainly the stuff of headlines: a two-week countdown to a potential doomsday scenario, public warnings from national crime agencies and details beginning to emerge of the suspected mastermind behind the attack – Evgeniy Bogachev, a Russian hacker whose profile reads like that of a Bond villain.
But despite the steady stream of security experts popping up to be interviewed on Sky News, the BBC and other news channels, how different was the threat posed by this attack from others we have witnessed in recent months?
The nature of the threat
Two pieces of malware were allegedly responsible for the attack, GOZeus and CryptoLocker, and both typically infiltrate a computer via an infected attachment or link within an email. Users were warned to remain vigilant, since these emails may appear to come from known contacts.
The NCA warned: “[The links or attachments] may look like they have been sent by genuine contacts and may purport to carry invoices, voicemail messages, or any file made to look innocuous.”
If activated, GOZeus sits silently on a PC, monitoring user activity and attempting to steal bank login credentials. Meanwhile, CryptoLocker is a ransomware Trojan that has been doing the rounds since the end of 2013. This software effectively hijacks a user’s data by encrypting files and then directing the user to a payment portal where a fee can be paid to decrypt the documents.
How to protect yourself
Whilst the threat posed by this month’s cyber attack is certainly serious, our advice to users on how to best protect themselves does not differ substantially from the general recommendations we issue regarding internet security.
The three main areas are:
BACK UP YOUR DATA – Make sure your data is being backed up on a nightly basis. An online backup for business-critical data is also strongly advised.
CHECK ANTIVIRUS SOFTWARE – Ensure your antivirus software is being updated on a regular basis and that scanning is enabled on all devices. If you have any questions, please consult our support team.
UPDATE YOUR OPERATING SYSTEM – It is recommended that Windows updates be applied to all desktop operating systems. If you are unsure how to check, please ask. If you are still running XP, please upgrade!
Please remain vigilant and do not hesitate to contact us on the numbers below should you have any questions relating to the above threat.