Global and National action against 'Cyber Crime'
You may well have seen in the national media that a major campaign has been launched in relation to ‘Cyber Crime’. Unsurprisingly the National Crime Agency (NCA) is taking the lead through its National Cyber Crime Unit (NCCU).
This campaign is being driven globally with action being taken to ‘stun’ two strains of malicious software, known as generally as ‘malware’, across eleven countries including the UK, USA & Canada to name but three.
Over the coming weeks there will be more activity. National Neighbourhood Watch Week runs this year from 14th to 22nd June 2014 and the theme is ‘Fraud & Cyber Crime’. More of this later in the run up to the week in question.
In the meantime please see below a little more information and guidance with regard to the security of your computers and links to other sites that will assist you in running checks on your machines, and advice on what to do if you have a concern.
The activity announced in the media on 2/6/2014 provides an ideal window of opportunity for members of the public to clean their computers. Over 15,800 computers are known to be infected in the UK with the ‘Zeus GameOver’ malware. This is also known by the names P2PZeus or GOZ. This particular piece of malware allows criminals to steal money from online accounts, capture passwords and personal data, turn on webcams remotely, or even morph into ransomware (such as CryptoLocker) that encrypts all the user’s files. With CryptoLocker once all the files are encrypted the software displays a notification that a ransom must be paid if the user wants to access their files again. The encryption used is so strong that it cannot be broken using current technology without the key (password) held by the criminals.
The advice below is particularly pertinent now, but holds, in general, as sound advice. It should be understood that this action will NOT remove the malware from victim’s computers, but will provide the ideal window of opportunity for you to update and clean your own computer systems
Update operating system ASAP, and check for updates weekly. These are free.
Install/Update Anti Virus or Security Software. This can be free for basic protection. It is recommended this is updated daily or ideally set to update automatically.
Use caution before clicking on unsolicited email attachments or hyperlinks… they are one of the most common ways to get infected.
Visit http://www.getsafeonline.org/ and run a clean-up tool of your choice. This excellent and trustworthy site provides plain English explanations, advice and host links to companies who have supported this activity and are offering clean up tools for free.
If people discover they have been infected with malware they should be advised to report it to http://www.actionfraud.police.uk/. They should also notify their bank and change all their passwords.
General password advice: the strongest passwords tend to be phrases, which are easier to remember, with a mixture of numbers letters and other characters.
Anyone who has been infected (whether they've paid a ransom or not) should ensure they still update their operating systems and run Anti Virus/Security software on their vulnerable machine.
For CryptoLocker, prevention is better than cure. Users should backup copies of their most important files to a non-networked system (e.g. record on DVD or external hard drive that is unplugged once backed up).
Beware cold-calling from people offering to fix or remotely clean computers. This is invariably a scam. Always be sure of who is calling and if any doubt don’t grant them access to your computer. None of the legitimate tools designed to protect users require remote access to the computer. Members of the public should always seek advice from http://www.getsafeonline.org/ before taking unfamiliar steps.
· At present this specific malware only affects Windows computers, but diligence is advised on all operating systems (including smartphones) as criminals seek to exploit every available platform.