UK computer users have 'two-week period' to protect themselves from major computer virus

[Gambit]

The UK has a "two-week period" to protect itself from a major computer virus that could give hackers access to sensitive information, it emerged tonight.

The National Crime Agency said internet users should "protect themselves against powerful malicious software" by checking that their anti-virus software is up-to-date.

They should also run scans to ensure that all applications are running correctly. The virus has the potential to cost the country millions of pounds and could lead to people's financial details and photographs being stolen.

The move comes after the FBI in the US was successful in disrupting a hacking network, making security updates by users particularly effective in the short term.

The viruses in question are known as GOZeuS and CryptoLocker, with the first hiding within attachments in emails that when open give computer access to hackers, who use the software to scan devices for valuable information.

CryptoLocker is a secondary threat that activates if no valuable data is found, and this malware locks the computer, demanding a ransom to grant access again.

Lamar Bailey, director of security research and development at software company Tripwire, said: "The design of these malware packages make it nearly impossible to completely wipe out, but a coordinated attack can cause damage.

"While these organisations are attacking the command and control severs, countries are rolling out a massive consumer education programme to help clean up infected systems and reduce the number of vulnerable systems available for infection.

"The plan is to attack the parasite hard for two weeks while removing as many viable hosts as possible at the same time so that propagation targets will be limited after the attacks subside.

"This will not eliminate the malware but could in theory make it much harder for the operators to use and could cause massive financial loss for them."

 

 

UK-based internet awareness group Get Safe Online also posted on its own website, asking users to pay attention to the advice and take advantage of this event to improve their security. The group has posted advice on monitoring potentially malicious email, as well as links to free anti-virus software.

"This warning is not intended to cause you panic but we cannot over-stress the importance of taking these steps immediately," said Get Safe Online in a statement.

"This is because the UK's National Crime Agency has taken temporary control of the communications used to connect with infected computers, but expects only a very limited window of opportunity to ensure you are protected."

The web has been the victim of several serious security breaches in recent months, with the effects of the Heartbleed bug still being felt.

The bug took advantage of a flaw in the OpenSSL software that is designed to encrypt and protect data as it is exchanged online. Several websites, including parental advice site Mumsnet, were hacked as a result of the flaw.

Andy Archibald, Deputy Director of the NCA's National Cyber Crime Unit, said: "Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals. By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them.

"Whether you find online security complicated or confusing, or simply haven't thought about keeping your personal or office computers safe for a while, now is the time to take action.

"Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails."

"Those committing cyber crime impacting the UK are often highly-skilled and operating from abroad. To respond to this threat, the NCA is working closely with law enforcement colleagues all over the world, and developing important relationships with the private sector."

 

 

 

Sensitive information ???

Depends how you look at midget !Removed! I guess I will send them it for free no need to try steal it ;) 

[JusNoGood]

Lol to the midget !Removed! :)

Bit of an odd one this...they're announcing it like a game launch. If I had spent a while building a virus then it was announced on the news I'd launch it right away...I wouldn't say 'UK launch date is in two weeks and they're going to jolly well wait for it'

[Gambit]

Well a mate of mine who works in networking was saying he doesn't get this hole news thing either. I was on about it to him saying I think it's strange how they are almost scaremongering people with it, there's millions of virus and ways to get them and this is sent via an email  if I get an email from anyone I don't know or even if I do if I'm not expecting a file from them I don't open it easy as that really. But he was saying it's like the unwritten rule you don't publish the viruses because it's like making them famous for it which might inspire others then to go onto it, normally the virus companies and firewalls get looking at the update to stop it and get it out and move on with nothing ever said. It's almost like the millenium bug thing nothing to write about in the news to scare anyone with terror attacks lets just run with it. 

 

But on a plus note just sending my details I've won the Nigerian lottery WHOOP-WHOOP!  ;)

[JusNoGood]

Yea, I think perhaps Joe public need a kick up the back side. I kept telling my mum not to send me emails with links and attachments and to be careful. She got a mail clicked through and typed in her email password....and they took control of her email account.  She told me the next day and I panicked her more by telling her change her bank password and any other one she used the email account for.  :)

 

It took her about a month of fluffing around to get control of the email account back. So I think she's learnt her lesson now 

[Gambit]

My daughters friend locked her out of her email account took me !Removed! ages speaking Microsoft to sort the email reset password out :( 

And I agree it's not too difficult to keep your computer safe :) 

[bitman]

The UK has a "two-week period" to protect itself from a major computer virus that could give hackers access to sensitive information,

 

as if internet has any boundaries...    good luck

[Gambit]

Thats true :) 

[Jay762]

think the advertising may be off the back of the websites complaining at the last attack - no warning etc but as said before in the posts viruses have been around almost as long as the internet so standard approaches to security and caution with unsolicited emails will continue to be the most effective way day to day

[bitman]

listen to episode #458;

https://www.grc.com/securitynow.htm

 

or view episode #458;

[Gambit]

I won't lie I don't even know what Truecrypt is :)  

[bitman]

I won't lie I don't even know what Truecrypt is :)

 

Steve talks about this "2 weeks computer virus" in the beginning of this podcast.

 

Don't listen to much to Leo as he is a bit of a commercial troll IMHO

[Gambit]

Oh right  

I will give it another listen I didn't know which guy went on about it and it's pretty long :)  

[Jay762]

I gave the vid 17 minutes, as I am interested to understand an external viewpoint...

 

Is there an exec overview of the blog points as it got a little too onerous for me? Sorry as Steve clearly knows his stuff but I could do with a key points summary. 

[bitman]

yep, yep;

 

http://twit.tv/sn

 

and show notes; http://twit.tv/show/security-now/458

 

but best info can be found on Steve his own web site; https://www.grc.com where you can search for topics