Two weeks to save your computer from major cyber attack

Computer users have under two weeks to save themselves from a cyber attack blamed for millions of pounds of fraud across the world.

The National Crime Agency teamed up with the FBI and other cybercrime experts to take down a criminal network’s ‘command-and-control’ – but admit they cannot keep it down for long.
More than 15,500 British computers have already been invaded. Many more, running on Windows, remain under threat from ‘botnets’, which can steal money from accounts without users’ knowledge.

In the US alone, gangs are thought to have taken $500million in fraudulent transactions in 2013.
It is not just bank details being targeted; webcams can be used to spy on you, and criminals may also seek to gain money through holding photographs, email accounts or information to ransom.

The gangs are thought to be based in Russia or Eastern Europe, using malware such as Gameover Zeus, GOZeus, or P2PZeus, and ransomware CryptoLocker. The FBI last night described the alleged ringleader, Evgeniy Bogachev, as one of the most active cyber criminals in the world and issued a ‘most wanted’ poster to seek his arrest.

The criminal network was discovered in 2011, and seizing it temporarily in Operation Tovar is said to have been ‘extremely costly’.

The NCA urged people to tighten their software security. It said its warning was not intended to cause panic but added: ‘We cannot over-stress the importance of taking these steps immediately.’

Steve Rawlinson, whose company Tagadab helped target the network said the criminals could get around the take-down in as little as a week. ‘The scale of this operation is unprecedented,’ he added.

Related Links:
http://metro.co.uk/2014/06/02/two-weeks
http://www.independent.co.uk/life-style/gadgets-and-tech/news/

Russian wanted over cybercrime botnet

The US has charged a Russian man with being behind a major cybercrime operation that affected individuals and businesses worldwide.

Evgeniy Bogachev, said to be known as "lucky12345" and "slavik", is accused of being involved in attacks on more than a million computers.

The charges came as authorities seized control of a botnet used to steal personal and financial data.

Computer users were urged to run checks to protect themselves from the threat.

In a press conference held on Monday, the US Department of Justice said it believed Mr. Bogachev was last known to be residing in Anapa, Russia.

Cooperation with Russian authorities had been "productive", a spokesman added.
In an entry added to the FBI's Cyber Most Wanted list, it stated: "He is known to enjoy boating and may travel to locations along the Black Sea in his boat."

His charges, filed in a court in Pittsburgh, included conspiracy, wire, bank and computer fraud, and money laundering.

The UK's National Crime Agency (NCA) said people probably had "two weeks" before the criminals would get the botnet functioning again, and posted advice on how to best protect computers.

Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. The first notices were sent out on Monday, the BBC understands.

Advice from Get Safe Online

  • Install internet security software from companies listed on Get Safe Online's Facebook and Google+ profiles to download a free tool to scan for Gameover Zeus and CryptoLocker, and remove them from your computer
  • Do not open attachments in emails unless you are 100% certain that they are authentic
  • Make sure your internet security software is up-to-date and switched on at all times
  • Make sure your Windows operating system has the latest Microsoft updates applied
  • Make sure your software programs have the latest manufacturers' updates applied
  • Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available in case you are no longer able to access them on your computer
  • Never store passwords on your computer in case they are accessed by Gameover Zeus or another aggressive malware program

------------------------------------------------------------------------------------------
The action related to a strain of malware - meaning malicious software - known as Gameover Zeus.

Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate - such as a bank - when it fact it is designed to trick a person into downloading malicious software.
Once installed on a victim's machine, Gameover Zeus will search specifically for files containing financial information.

If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker - a ransomware program that locks a person's machine until a fee is paid.
----------------------------------------------------------------------------------------
Hi-tech crime terms

  • Bot - one of the individual computers in a botnet; bots are also called drones or zombies
  • Botnet - a network of hijacked home computers, typically controlled by a criminal gang
  • Malware - an abbreviation for malicious software i.e. a virus, Trojan or worm that infects a PC
  • Ransomware - like malware, but once in control it demands a fee to unlock a PC

Related Link:
http://www.bbc.co.uk/news/technology-27668260

« Who Wants To Run The NSA Now?
Beware Poodle Bug! »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

SC Media

SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

Mako Group

Mako Group

The Mako Group specializes in protection - providing security through auditing, testing, and assessments. And, we do it all with the highest quality standards possible.

National Cyber Directorate Israel

National Cyber Directorate Israel

The Israeli National Cyber Directorate provides incident handling services for civilian entities and critical infrastructures and works to increase national resilience against cyber threats.

ISO Quality Services Ltd

ISO Quality Services Ltd

ISO Quality Services is an independent organisation that specialises in the implementation, certification and continued auditing of ISO and BS EN Management Standards including ISO 27001..

GuardKnox

GuardKnox

GuardKnox protects the users of connected vehicles against threats that can endanger their physical safety and the safety of their personal information.

DeepCyber

DeepCyber

DeepCyber supports its customers, with an “intelligence-driven” approach, to improve their proactive detection and response "capability" of cyber threats.

Cyber NYC

Cyber NYC

Cyber NYC is a suite of strategic investments to grow New York City’s cybersecurity workforce, help companies drive innovation, and build networks and community spaces.

Venrock

Venrock

Venrock helps entrepreneurs build some of the world's most disruptive, successful companies. We invest in technology: Security, Cloud Services, Big Data, Healthcare IT, AdTech.

Maven Security Consulting

Maven Security Consulting

Maven Security Consulting helps companies secure their information assets and digital infrastructure by providing a wide range of customized consulting and training services.

Shorebreak Security

Shorebreak Security

Shorebreak Securioty specialize in conducting highly accurate, safe, and reliable Information Security tests to determine the risks posed to your business.

BlueAlly

BlueAlly

BlueAlly helps clients scale, optimize, and manage their IT resources to reach their business goals.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

Alpha Echo

Alpha Echo

Specialising in security advice and enterprise-wide Cyberworthiness, Alpha Echo helps Australia deliver on cyber outcomes at a military grade level.

Orca Tech

Orca Tech

Orca Tech brings together a portfolio of complimentary vendor in the IT security industry to help provide a complete solution to meet the requirements of our Partners across all sectors.

Bedrock Security

Bedrock Security

Bedrock Security is at the forefront of revolutionizing data security in the cloud and GenAI era.

ThingsRecon

ThingsRecon

ThingsRecon empowers organisations to continuously map and manage their attack surface, uncover hidden vulnerabilities, and assess supplier cyber hygiene.