The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Monday, 16 September

Count-down to Disaster - NCA Opens Two Week Window to Prevent UK-wide £Millions Fraud

A week ago the UK's national Crime Agency (NCA)  announced a two week opportunity to reduce a threat from a powerful new computer attack - we are clearly now at one weeks' notice.

It urged businesses and members of the public to protect themselves against powerful malicious software (malware), which could potentially cost UK computer users millions of pounds.

Action taken by the NCA to combat the threat will allow a two-week opportunity to rid and safeguard themselves from two distinct but associated forms of malware known as GOZeuS and CryptoLocker.

Businesses and members of the public can protect themselves by making sure security software is installed and updated, by running scans and checking that computer operating systems and applications are up to date.

The NCA’s alert is part of one of the largest industry and law enforcement collaborations attempted to date. Activity in several countries, led by the FBI in the US, has weakened the global network of infected computers, meaning that action taken now to strengthen online safety can be particularly effective.

GOZeuS (also known as P2PZeuS) has been assessed as being responsible for the fraudulent transfer of hundreds of millions of pounds globally. Recent intelligence has suggested that more than 15,500 computers in the UK are currently infected, with many more potentially at risk.

By disrupting the system used by the infected computers to communicate with each other and the criminals controlling them, this activity aims to significantly reduce the malware’s effectiveness.

Individuals in the UK may receive notifications from their Internet Service Providers that they are a victim of this malware and are advised to back up all important information – such as files, photography and videos. Businesses should also test their incident responses and business resilience protocols and work with their IT departments or suppliers to educate employees on the potential threat.

 

Get Safe Online

Get Safe Online is providing advice, guidance and tools on its website at www.getsafeonline.org/nca to help internet users understand more about the malicious software and how to protect themselves their companies and their computers from attacks. A number of cyber security companies have supplied remediation tools, which can be accessed via Get Safe Online, to help clean up infected machines.

Andy Archibald, Deputy Director of the NCA’s National Cyber Crime Unit, said: “Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals. By making use of this two week window, huge numbers of people in the UK can stop that from happening to them.

“Whether you find online security complicated or confusing or simply haven’t thought about keeping your personal or office computers safe for a while, now is the time to take action. Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and think twice before clicking on links or attachments in unsolicited emails.”

Archibald continued: “Those committing cyber crime impacting the UK are often highly skilled and operating from abroad. To respond to this threat, the NCA is working closely with law enforcement colleagues all over the world, and developing important relationships with the private sector.”

 

GOZeuS and CryptoLocker

Users are typically infected by clicking on attachments or links in emails which may look like they have been sent by genuine contacts and may purport to carry invoices, voicemail messages or any file made to look innocuous. These emails are generated by other victims’ computers, who do not realise they are infected and are used to send mass emails creating more victims. 

If the file or link is clicked on an unprotected computer, GOZeuS is downloaded and installed and it will then link the victim’s computer to a network of already infected machines, known as a BotNet.

The malware waits silently, monitoring the user’s activity until the opportunity arises to capture banking or other private information, which is then transmitted back to the criminals via the BotNet infrastructure.

Where a computer infected with GOZeuS turns out not to offer a significant financial reward, it can ‘call in’ CryptoLocker, to give the criminal controllers a second opportunity to acquire funds from the victim.

CryptoLocker works unseen in the background, encrypting the user’s files. Once that process is complete, the victim is presented with a pop-up telling them what has happened and a timer appears on their screen, which starts counting down. That is the time the victim has in order to pay a ‘discounted’ ransom, currently one Bitcoin (£200-£300 approximately) for UK users.

Members of the public who think they have lost money through malware such as P2PZeus and Cryptolocker should report it to Action Fraud.

Article written by Brian Shillibeer

Share



Related Articles

Guide M 2014 Out Now

This week saw the eagerly awaited launch of Guide M by the Chartered Institution of Building Services Engineers. The event was held at the Royal Academy of Engineering in...

 Read Full Article
Towering Infernal - a Response

Mike Butterick of Glassolutions (the firm behind the project) responds to the problems encountered with the glass walkway at Tower Bridge - See Previous...

 Read Full Article
Serco's Lyons' Raw Reality and Ultimate Responsibility

The Serco Group has just announced that Chairman, Alastair Lyons, has informed the Board of his intention to step down once a new Chairman has been appointed. Serco is...

 Read Full Article
The Unseeing Eye - Scotland Yard Throws-up Mystery Buyer

New Scotland Yard has been sold off quicker than expected but the buyer remains a secret . The 1960s’ office block in the heart of Victoria and home to the...

 Read Full Article
If You Can See What I Can See When Them Cleaning Windows

According to the Daily Mail Online (and picked-up by most of the national media), two men were rescued from a collapsed window cleaning platform on the 69th...

 Read Full Article
Boy From Brazil Lifts London Trophy Building

Bids for the old Swiss Re building at 30 St Mary Axe aka The Gherkin were lodged recently from around the world with the expectation that a number of financial...

 Read Full Article
A Bolt from the Blue - Bad Press Day for Cheesegrater

As reported in a variety of media yesterday evening and this morning, part of a bolt - 'the size of a man's arm' - has fallen from the giant Cheesegrater...or...

 Read Full Article
Overtime Holiday Pay Tribunal Ruling in Brief

Workers have won an Employment Tribunal case that entitles them to have their holiday pay recalculated to include overtime payments rather than being paid at the flat...

 Read Full Article
Lack of FM Could Cost UK Circa £1 Billion

Research released today suggests that UK businesses could be losing out on savings of nearly £1 billion based on original research results produced by ComRes which...

 Read Full Article
Workplace Week Now On

This year’s Workplace Week, the annual week-long celebration of workplace innovation organised by AWA to raise money for Children in Need, started on Monday,...

 Read Full Article