GameOver Zeus and Cryptolocker

Is the NCA trying to panic us into action?

GameOver Zeus is actually a “Trojan Horse” – malware that tricks you into installing it. It then attacks your system from the inside.
Last week the National Crime Agency (NCA) claimed a huge victory over cyber criminals after they had managed to take control of a massive network of “bots”. Bots are computers, belonging to anyone, that have been infected with malware that allows the criminals to use them to further their aims. It appears that the main purposes of this bot ring were to attack people’s computers to steal financial information (using, for example, the GameOver Zeus virus) and/or to infect the computer with Cryptolocker. Cryptolocker encrypts the contents of the hard drive and a ransom is then demanded for the decryption. I wrote about Cryptolocker on 02/11/2013.

You can read the news item in several places, including here:

Mail Online
ITV News

My points are twofold:

1) It appears to me that this story is being spun so that a success story about putting criminals out of action (even only temporarily) is being turned around so as to frighten everyone by saying, in effect, “they’ll be back in action in a couple of weeks. You’ve got just two weeks to make your computer safe before something terrible happens”. In fact, nothing bad has just happened and nothing bad will happen in two weeks that wouldn’t have happened anyway. Instead of crowing about their recent success, the powers that be have chosen instead to grab the publicity opportunity to frighten us about what may happen if we don’t pull our socks up, security-wise.

2) The steps that we are recommended to take are just the sensible, manageable, precautions that I have always recommended. That’s not to say that I’m such a clever clogs. It just means that we are not expected to perform Herculean tasks to keep the criminals out of our systems. We just need to be sensible and take our computer security seriously.

These are the steps that we should incorporate into our daily computing lives:

  • Always have antivirus software installed, running, and updated (unless you use a Mac)
  • Always install the latest operating system security updates. With modern versions of Windows these are completely automatic if your Windows is set up correctly.
  • Install any updates that are offered by Adobe Reader or Adobe FlashPlayer.
  • If you have Java installed, then always install any offered updates (but Java is falling out of favour as it is considered too much of a security risk. I’ve just un-installed it from my laptop and will see if that causes any problems in using any websites)
  • Take regular backups of any data that you wouldn’t want to lose (including photos, home movies, and emails if they are stored on your computer)
  • Do not open email attachments from people that you do not know or trust
  • Do not download anything from any website if you are at all suspicious
  • Do not download anything that seems to be too good to be true. If it seems too good to be true then it probably is too good to be true
  • Do not believe anyone phoning you up and claiming to be from Microsoft or any other organisation if they tell you that you have a virus and they’d like to help you remove it
  • Be very careful downloading any free software. Do you really want it? Do you really trust it? Moreover, take care when installing any free software. Never accept the “default” installation. Always choose the “custom” installation as this will probably give you a chance to reject other, unwanted, items that would otherwise be installed.
  • Do not – ever – use the same password for more than one account. Really. I mean it.
  • All passwords should be eight characters long (at the very least) and consist of at least two of the following four types of characters – uppercase letters, lowercase letters, numbers, symbols.

If you can go through that list and tick every item then you are taking reasonable steps to safeguard your computer. I can’t guarantee that you won’t be attacked by something online, but it’s a bit like driving a car. You may be the best driver in the world and still be involved in an accident. Nevertheless, you’re certainly going to be a lot safer than someone who has never even learned any roadsense.

And you Mac owners shouldn’t be complacent, either. A lot of the traps that Windows users fall into are just as easy for Mac owners to fall into. Just because Macs don’t normally get viruses that doesn’t make it safe for you to re-use passwords, or open dodgy emails. A Mac owner can fall for a phishing scam just as easily as a Windows PC owner. And if Apple offer you system updates, then take them.