Two weeks to save your computer from major cyber attack

Computer users have under two weeks to save themselves from a cyber attack blamed for millions of pounds of fraud across the world.

The National Crime Agency teamed up with the FBI and other cybercrime experts to take down a criminal network’s ‘command-and-control’ – but admit they cannot keep it down for long.
More than 15,500 British computers have already been invaded. Many more, running on Windows, remain under threat from ‘botnets’, which can steal money from accounts without users’ knowledge.

In the US alone, gangs are thought to have taken $500million in fraudulent transactions in 2013.
It is not just bank details being targeted; webcams can be used to spy on you, and criminals may also seek to gain money through holding photographs, email accounts or information to ransom.

The gangs are thought to be based in Russia or Eastern Europe, using malware such as Gameover Zeus, GOZeus, or P2PZeus, and ransomware CryptoLocker. The FBI last night described the alleged ringleader, Evgeniy Bogachev, as one of the most active cyber criminals in the world and issued a ‘most wanted’ poster to seek his arrest.

The criminal network was discovered in 2011, and seizing it temporarily in Operation Tovar is said to have been ‘extremely costly’.

The NCA urged people to tighten their software security. It said its warning was not intended to cause panic but added: ‘We cannot over-stress the importance of taking these steps immediately.’

Steve Rawlinson, whose company Tagadab helped target the network said the criminals could get around the take-down in as little as a week. ‘The scale of this operation is unprecedented,’ he added.

Related Links:
http://metro.co.uk/2014/06/02/two-weeks
http://www.independent.co.uk/life-style/gadgets-and-tech/news/

Russian wanted over cybercrime botnet

The US has charged a Russian man with being behind a major cybercrime operation that affected individuals and businesses worldwide.

Evgeniy Bogachev, said to be known as "lucky12345" and "slavik", is accused of being involved in attacks on more than a million computers.

The charges came as authorities seized control of a botnet used to steal personal and financial data.

Computer users were urged to run checks to protect themselves from the threat.

In a press conference held on Monday, the US Department of Justice said it believed Mr. Bogachev was last known to be residing in Anapa, Russia.

Cooperation with Russian authorities had been "productive", a spokesman added.
In an entry added to the FBI's Cyber Most Wanted list, it stated: "He is known to enjoy boating and may travel to locations along the Black Sea in his boat."

His charges, filed in a court in Pittsburgh, included conspiracy, wire, bank and computer fraud, and money laundering.

The UK's National Crime Agency (NCA) said people probably had "two weeks" before the criminals would get the botnet functioning again, and posted advice on how to best protect computers.

Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. The first notices were sent out on Monday, the BBC understands.

Advice from Get Safe Online

  • Install internet security software from companies listed on Get Safe Online's Facebook and Google+ profiles to download a free tool to scan for Gameover Zeus and CryptoLocker, and remove them from your computer
  • Do not open attachments in emails unless you are 100% certain that they are authentic
  • Make sure your internet security software is up-to-date and switched on at all times
  • Make sure your Windows operating system has the latest Microsoft updates applied
  • Make sure your software programs have the latest manufacturers' updates applied
  • Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available in case you are no longer able to access them on your computer
  • Never store passwords on your computer in case they are accessed by Gameover Zeus or another aggressive malware program

------------------------------------------------------------------------------------------
The action related to a strain of malware - meaning malicious software - known as Gameover Zeus.

Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate - such as a bank - when it fact it is designed to trick a person into downloading malicious software.
Once installed on a victim's machine, Gameover Zeus will search specifically for files containing financial information.

If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker - a ransomware program that locks a person's machine until a fee is paid.
----------------------------------------------------------------------------------------
Hi-tech crime terms

  • Bot - one of the individual computers in a botnet; bots are also called drones or zombies
  • Botnet - a network of hijacked home computers, typically controlled by a criminal gang
  • Malware - an abbreviation for malicious software i.e. a virus, Trojan or worm that infects a PC
  • Ransomware - like malware, but once in control it demands a fee to unlock a PC

Related Link:
http://www.bbc.co.uk/news/technology-27668260

« Who Wants To Run The NSA Now?
Beware Poodle Bug! »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

IntaForensics

IntaForensics

IntaForensics offer a full range of digital investigation services and are able to adapt to the individual needs of solicitors, private clients, Law Enforcement Agencies and commercial businesses.

Nation-E

Nation-E

Nation-E offers innovative cyber security solutions for industrial installations, critical infrastructure and smart grids.

SCADAfence

SCADAfence

SCADAfence offers cutting edge cybersecurity solutions designed to ensure the operational continuity of industrial (ICS/SCADA) networks.

Cyan Forensics

Cyan Forensics

Cyan Forensics provides digital forensics software to help police forces find evidence on computers many times faster than before.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Information & eGovernment Authority (iGA) - Bahrain

Information & eGovernment Authority (iGA) - Bahrain

The Information & eGovernment Authority facilitates many services catering to different parts of the community within the IT sector in Bahrain including information security.

Belle de Mai Incubator

Belle de Mai Incubator

Belle de Mai Incubator supports and funds innovative startup ideas in digital industries.

Jerusalem Venture Partners (JVP)

Jerusalem Venture Partners (JVP)

JVP’s Center of Excellence in Be’er Sheva aims to identify, nurture and build the next wave of cyber security and big data companies to emerge out of Israel.

United Network Technologies

United Network Technologies

United Network Technologies is a leading Managed Services Provider, distributor and developer of specialised cyber security components and technologies.

RealCISO

RealCISO

RealCISO is a CISO grade cloud platform to help companies understand, manage, and mitigate their cyber risk.

Internet Crime Complaint Center (IC3)

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center provide the public with a reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity.

Qascom

Qascom

Qascom is an engineering company offering security solutions in satellite navigation and space cybersecurity. We are one of the European key players in GNSS authentication and security.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

443ID

443ID

443ID brings OSINT data to Identity Security professionals on any digital platform.

c0c0n

c0c0n

c0c0n is the longest running conferences in the area of Information Security and Hacking, in India.