internet security

What you need to know about Cryptolocker and GOZeus

What you need to know about Cryptolocker and GOZeus 150 150 Kerry Butters

Starting on May 30th a conglomerate of law enforcement agencies hailing from eleven different countries led by Europol and the FBI and with support from the private sector, have been working together to curb an online threat. Law enforcement, alongside Internet Service Providers and the Information Security industry, have been attempting to combat two specific malware groups – Cryptolocker and P2PZeuS (aka GameOverZeus).

Those malware groups however have been disrupted due to the efforts of law enforcement agencies. This isn’t to say the threat is negated however. Instead it marks a distinct shift in policing tactics and the number of countries working hand-in-hand shows just how seriously cyber crime is now considered.

Cryptolocker

This malware collective effectively holds your files hostage. An internet user will find those files inaccessible until they pay a ransom of one bitcoin, worth about $600 USD. This insidious threat is a pain and one that can be avoided – or at least that’s what the enforcement agencies believe.

P2PZeuS

This program is a sophisticated evolution of banking malware and it’s aimed at stealing financial information and other credentials that the criminal can then sell on in underground markets.

Both of the above malware programs have a distinct potential to cause havoc and readers that are interested can discover more here.

What’s being done?

The law enforcement agencies have a singular goal – to prevent infected computers from communicating with one another. This significantly has weakened the malware collective’s infrastructure in what’s an effective, but not definitive blow. This is effectively a stopgap and readers should understand that the malicious networks are likely to return to their former strength within weeks, if not days.

What’s interesting is the fact that so many law enforcement agencies have worked together to distil internet security. It marks a new era in collaboration and partnership that crosses borders and is unified by a common online goal – to make the internet safer. The global (and far reaching) ‘posse’ has coordinated attacks to disrupt or take over elements of the Command and Control infrastructure used to spread these malicious malware families. However the ‘internet police force’ cannot do all of this alone and every individual and computer has a role to play.

Check your systems

It’s worth checking your own system to ensure that you’re not already a victim. You can use this free tool to scan your computer for any threats and remove them if found. Readers can download the 32-bit systems or the 64-bit systems – whichever suits. The links are in the article linked.

Remember that we’ve all got a brief window of opportunity whilst the malware infrastructure is weakened. We’re all potential victims so you must make use of this momentary respite. Here’s a checklist of what you need to do:

1.     Use the clean up tools mentioned above

2.     Ensure that your OS is fully up to date – patches included

3.     Run effective (and up to date) security software

4.     Tell others and spread the word – explain the risks

All of the above are good practices anyway, so even if you find that your machine is not infected you’re also ensuring that you’ve got better protection from future malware threats.

National Crime Agency issues warning

The UK National Crime Agency (NCA) has released a advising Britons to prepare for a cyber attack storm in about two weeks time. The reason for this warning was that only the Botnet has been disrupted meaning that communication channels were broken. This even affected Evgeniy Bogachev – one of the minds behind GOZeuS.

Although significant disruptions have been managed online, there’ve been no arrests in the real world. It’s believed that the hackers will attempt to regroup and re-establish communication links with each other. They’ll also want to infect new systems to recreate the disrupted botnet.

Security companies are working with ISPs to identify any users that may be affected. If that’s you you’ll receive an email from your ISP stating that your system is infected and you’ll need to take appropriate action to eliminate the trojan.

Only Windows affected

If you’re running a Windows machine you run the risk of being targeted. Mac users and Linux users can relax as GOZeuS and Cryptolocker will affect Windows systems only.

Make sure that you check to see if you’re system is infected – don’t just wait for an email from your ISP. Being proactive at this point is perhaps your best defence. Use the links mentioned above or head over to GetSafeOnline (a government backed initiative) and download the tools you need to make sure your system is secure.

Just one quick thought – GetSafeOnline may be behaving erratically. This is due to the amount of traffic headed its way and the volume of downloads requested.

There’s a real danger here then and it’s worth taking it seriously. Change the password on your systems and any other passwords that you can really. It’s not worth taking the risk – but scan for malware first.

Update your system and backup your data as soon as you can and watch out for deceptive emails. Use caution and discretion when opening emails from unfamiliar sources and never click on links or open attachments that you’re not sure of.

Caution should be your watchword here. Use the information above to make sure that you’re not infected and keep a close eye out for any Cryptolocker/GOZeuS related problems – good luck.

A Rough Guide to Choosing Antivirus Software

A Rough Guide to Choosing Antivirus Software 150 150 Kerry Butters

If you’re a business working with any kind of private information – be it of your customers or your employees – then it’s essential that you have antivirus software installed on your business network. Digital crime is becoming increasingly sophisticated, and the very nature of the crime means that antivirus providers have to be reactive. Because of this, often the most important feature of antivirus software is that it updates regularly, ideally in real time.

There are plenty of antivirus options available to businesses, and it can be frustrating sorting through the pros and cons of each, so here’s a quick breakdown of some of our favourite antivirus software to make your decision easier.

What’s your budget?

The first decision that you have to make is whether you’re going to be able to pay for your antivirus or whether to go with a free package. Just because a product is free doesn’t mean it’s not secure – many of the free antivirus offers the same defence as paid alternatives – but it often means they only offer you defence. Paid options will often include other features such as password protection and file clean-up. So if you’re a small business or want to save money, quite often free antivirus may be enough for you. If you’re handling very sensitive information though, or have the money to splash out on more features, it’s worth considering the paid options as well.

Free Antivirus

AVG – Whilst AVG may appear a little complicated at the outset, it is actually very simple to use. The free package also comes bundled with a solid range of features. As well as the antivirus engine it offers an email scanner, identity theft protection and a ‘Suft-Shield’ that will keep you safe whilst browsing. Independent reviews are mixed, but never negative. Independent tester, AV-Comparatives rates it as an average package, whilst AV-test has suggested it’s better than some priced options. It’s up to you to decide which side you come down on, but the free version means you can do so without making a financial investment off the bat.

Bitdefender – A darling of the independent testing labs, Bitdefender offers one of the best antivirus engines around. The program itself downloads and installs very quickly (around a minute on a decent connection) and offers the user a very simple interface that provides automatic and on-demand scanning, anti-phishing protection, and the all-important real-time antivirus protection. However, there are very few manual controls available through Bitdefender, so if you think that your options may require some tinkering, this may not be for you.

Avast – Simple to install, with a simple interface and a minimal impact on system performance. Combined, these features have come together to make Avast’s free antivirus one of the most popular tools on the web. Avast also comes with some decent extras as well; A browser clean-up tool helps you remove any annoying add-ons and a software updater tells you if you miss any updates for your essential programs. A recent update from Avast has also seen the software become multilingual, supporting over ten languages, as well as offering users who want it more control.

FortiNet FortiClient – FortiNet are more widely known for their work in the corporate world, producing network security appliances, but they do also offer a free software option that, whilst it hasn’t done as well in some tests as the other antivirus on this list, it does run nicely alongside them, so can offer you a cheap second line of defence that isn’t going to mess with your primary antivirus.

Of these four, all but FortiNet have paid upgrades available for those who like the software but want more functionality. These come in at relatively similar pricing, with AVG at 29.99 (1 PC a year) Bitdefender at 24.95 (1 PC a year) and 54.95 (3 PC’s for 2 years) and Avast at 29.99 (1 PC a year) and 59.99 (3 PC’s for two years).

Paid Antivirus

Norton (39.99 – 1 year, 3 PC’s/64.99 – 2 years, 3 PC’s) – Norton’s main claim to fame is that it’s better than most software at preventing an initial infection. It also comes with a password manager, which can be very useful if you manage multiple accounts or use passwords that change regularly in your business. It also offers performance monitoring, so it’s easy to see what programs are hogging your resources. It’s a tempting prospect, but there is a caveat. Due to a dispute about the way its effectiveness is measured, Norton is no longer submitted for AV-Comparatives testing. As a result it’s harder to compare its effectiveness with other pieces of software effectively.

BullGuard (24.95 – 1 year, 1 PC/39.95 – 2 years, 1 PC) – The real highlight of Bullgard is its antivirus engine. The program has a minimal impact on your systems performance, and is rated as one of AV-Comparative’s top products from 2013. However, there are some issues: It lacks the configurability of some of its competitors, and also an interface cluttered with features which you can pay more to install (something which you shouldn’t have to experience with a paid-for service.). It’s also more costly than competitors if you wish to buy it for more than one computer (and more of a hassle, as you’ll have to buy two licences rather than one.)

Avira (25.99 – 1 Year, 1 user/38.99 – 2 years, 1 user/51.99 -3 years, 1 user) – The primary attraction of the Avira software is that it’s licenced by user rather than device. As a result, you can spread it over a lot more devices and save money. This is a particularly good investment if you’re looking to implement a bring-your-own-device policy within your business. It’s not the most attractive piece of software, and can be a little difficult to navigate at first. But once you know where everything is, it’s simple enough to use.

Avira does offer a free version as well, but the addition of cloud technology and email scanning to the paid version makes it much more attractive. The software itself is very potent, receiving an ‘Advanced+’ rating from AV-Comparatives and a good overall score from AV-Test.

Kaspersky (29.99 – 1 year, 1 PC/69.99 – 2 years, 3 PC’s) – A very configurable antivirus software, Kaspersky allows you to set up schedules for both quick and full computer scans. These scans are configured so that they will take a back seat if you’re running other programs, ensuring that the scans are never invasive or annoying. There’s also a plethora of extras; vulnerability scan, PC cleaning, rescue disks and browsing protection are just a few of the features available to the user. Kaspersky also won AV-Comparatives “Product of the Year” in 2013, so the 2014 version has an excellent pedigree

First Aid

Emisoft Emergency Kit – Whilst antivirus software will do everything it can to protect your computer from harm, there is no such thing as a 100% detection rate, especially when it comes to user intervention. For those situations when your antivirus doesn’t cut it, you should always have a second tool, like the Emisoft Emergency Kit, at hand. The program works to clean your computer of any compromising malware or viruses, and actually achieved a 100% detection rate in a recent test by AV-Comparatives.

Your decision

Any of these pieces of software will defend your network from a substantial amount of threats, it’s up to you to decide which features most benefit you and your business. However, as a caveat, do remember that whilst antivirus software is a necessary and important part of your business, often the best antivirus is common sense. If you educate yourself and your employees about safe browsing, you are much less likely to encounter threats on the internet, and your business will benefit hugely from added safety as a result.






    captcha