News agencies are currently reporting on the imminent threat to computer users across the globe and we are being urged by the UK’s National Crime Agency (NCA) to protect our machines from the malware which allows hackers to steal financial data.
Two pieces of malware software known as GOZeuS and CryptoLocker that typically infect a computer via an attachment or link in an email are responsible for the alert. If a user clicks on GOZeuS, it silently monitors activity and tries to capture information such as bank details. “(The links or attachments) may look like they have been sent by genuine contacts and may purport to carry invoices, voicemail messages, or any file made to look innocuous,” the NCA warned in an interview with Sky News.
“These emails are generated by other victims’ computers, who do not realise they are infected, and are used to send mass emails creating more victims.”
The Cryptolocker malware is activated if the first attack is not profitable enough. It locks a user from their files and threatens to delete them unless a “ransom” of several hundred pounds is paid.
British investigators have been working with the FBI to trace the hackers behind ongoing attacks, and the botnet system used by the targets has been temporarily disrupted which gives us a window of opportunity of approximately 2 weeks to ensure we minimise the threat.
Stewart Garrick, a senior investigator with the NCA, told Sky News the threat was mainly against individuals or businesses running Windows-based computers.
“You now have a chance to clean up. The first thing you should do is update your operating system – especially if you’re on Windows, then look to scan your computer for viruses and it should be able to find it.”
We would like to reinforce this message. As with all attacks, prevention is better than cure, therefore we recommend that you take the following steps:
Ensure your company antivirus solution is up to date and that each machine on the network has the latest Antivirus and operating system updates applied.
Check that your server backups are correctly configured and that all data is being backed up off site each night.
Companies reiterate to users that before opening any email attachments, they check they are expected and that they are from a trusted source.
Should you have any questions, please do not hesitate to contact the Excalibur support desk who will be happy to answer any questions you have.