‘Two weeks’ to block cyber-attack as criminal network seized 2 June 2014 Last updated at 15:34 Servers around the world were seized – but criminals will soon adapt, the NCA warns People have “two weeks” to protect themselves from a “powerful computer attack”, the UK’s National Crime Agency (NCA) has warned. Users are being told to take “immediate” action to protect their computers after US authorities seized a major criminal network. The FBI, working with the NCA, has taken control of a botnet used to steal personal and financial data. More than 15,000 machines in the UK are thought to have been infected to date. Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. The first notices were sent out on Monday, the BBC understands. The action related to a strain of malware – meaning malicious software – known as Gameover Zeus. Its alternative names include GOZeus and P2PZeus. Hi-tech crime terms Bot – one of the individual computers in a botnet; bots are also called drones or zombies Botnet – a network of hijacked home computers, typically controlled by a criminal gang Malware – an abbreviation for malicious software ie a virus, trojan or worm that infects a PC Ransomware – like malware, but once in control it demands a fee to unclock a PC Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate – such as a bank – when it fact it is designed to trick a person into downloading malicious software. Once installed on a victim’s machine, Gameover Zeus will search specifically for files containing financial information. If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker – a ransomware program that locks a person’s machine until a fee is paid. Global action In what has been described as the biggest ever operation of its kind, servers all over the world were raided simultaneously by the authorities. The action meant they could direct what are known as Command and Control (C&C) servers – the machines that control the operation of the botnet. With the C&C servers under police control, criminals should temporarily be unable to manage the computers they hijacked – but only until they are able to set-up new C&C servers elsewhere. All computer users are being urged to make sure that the malware has not infected their machines. “This warning is not intended to cause you panic but we cannot over-stress the importance of taking these steps immediately,” said UK-based Get Safe Online, a government-backed organisation that has published a list of software it recommends for the task. “This is because the UK’s NCA has taken temporary control of the communications used to connect with infected computers, but expects only a very limited window of opportunity to ensure you are protected.”

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s