Friday, June 17, 2005

UK Targeted for Massive Trojan Attacks

UK businesses and government organizations have been targeted for network attacks, according to a warning from a British security agency.
The National Infrastructure Security Coordination Center (NISCC) has issued an alert detailing plans of malicious hackers residing in East Asia.
According to the agency, the attackers have developed Trojan horse programs designed to steal data from parts of the national infrastructure, which includes companies in the finance, transportation and telecommunications sectors as well as government agencies.
High Alert
The NISCC report noted that the attacks are ongoing, with the majority directed against the central government. Despite this focus, the agency warns that "other UK organizations, companies and individuals are also at risk."
Companies and organizations running Microsoft (Nasdaq: MSFT - news) software seem to be the most vulnerable, according to the NISCC, but no details were provided about how the Trojans might be infiltrating those systems in particular.
UK-based security firm Sophos was brought in to help the agency analyze the Trojans. The firm noted that, in every case, the malware's aim was to install either a keylogger or other data-capturing software and transmit information found back to the attacker.
Sophos reported that two-thirds of the Trojans were known, but that the other third were variants not seen before.
Surprising, But Expected
The alert itself is surprising, noted Sophos security consultant Carole Theriault, because it is unusual for the agency to issue such a serious warning.
But the Trojan threat is not news to those in the UK's security labs. "We've been banging on about Trojans for months," said Theriault. "It's great that someone else, especially someone that's not a vendor, is saying this is a serious problem."
Sophos has seen several serious Trojans and their variants for some time, she added, and more seem to arrive weekly. With the new alert gaining widespread attention, Theriault and others in the security community hope that users will take preventative measures.
"Awareness has been raised, and, even better, many media reports here are talking about what people can do to protect themselves," she said. "I hope to God that people take it seriously and start protecting their machines."

Written by: Elizabeth Millard, cio-today.com Fri Jun 17, 2:19 PM ET
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)