Out-Law / Your Daily Need-To-Know

Out-Law News 1 min. read

Government issues hacker attack warning


Crucial systems and services in the UK are being targeted by hackers, the Government’s National Infrastructure Security Co-ordination Centre (NISCC) warned today, urging businesses and organisations to take more security precautions.

According to the NISCC, nearly 300 organisations belonging to the UK’s Critical National Infrastructure are undergoing a sustained and sophisticated attack from hackers, who use targeted e-mails to gain access to computers, either through an infected attachment, or a link to an infected web site.

“We have never seen anything like this in terms of the industrial scale of this series of attacks,” the NISCC’s director, Roger Cumming, told the Financial Times. “This is not a few hackers sitting in their bedrooms trying to steal bank account details from individuals. This is aimed at organisations, targeted at gaining information and is extremely well organised and well structured.”

The origin of the e-mails is hard to assess, but the NISCC has found that they are often linked to the Far East.

The purpose behind the attacks seems to be the gathering of information, and relies on the planting of a Trojan – a program that is installed onto a computer without the owner's knowledge. Once installed, the Trojan horse can carry out malicious acts or give another user remote control of the target computer.

NISCC is urging individuals and businesses to beef up their attack detection capabilities. Users should investigate unexpectedly slow machines, examine firewall logs and review mail server access logs for connections from unusual IP addresses, it says.

PC owners should also ensure that they make their systems as secure as possible by updating anti-virus definitions and software patches, educating users about e-mail attachments, and focusing security measures on those machines that contain sensitive information and are more likely to be targeted.

Elsewhere, a plethora of internet threat reports have been issued, most of which warn of an increase in phishing and pharming.

Phishing occurs when a fraudster sends an e-mail that contains a link to a fraudulent web site where users are asked to provide personal account information. The e-mail and web site are usually disguised to appear to recipients as though they are from a trusted service provider, financial institution or on-line merchant.

Pharming is a more recent phenomenon, taking advantage of vulnerabilities in web browsers to redirect users to fake web sites, even when they type the correct internet address into their browser.

Issuing the latest edition of its Internet Security Intelligence Briefing, domain registry VeriSign on Tuesday warned that criminals were employing more sophisticated tactics in response to anti-phishing countermeasures.

VeriSign warned of an attempt to poison the Domain Name System, or DNS, cache – one of the means to carry out a pharming attack. The attack was indicated by a 300% increase in probes of DNS servers, and coincided with users of certain web sites being redirected to a malicious web site that distributed spyware and adware.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.