16 June 2005

The UK government today warned of an ongoing series of email-borne Trojan attacks on the country’s critical infrastructure, and called on businesses to redouble their security efforts.
The National Infrastructure Security Co-ordination Centre (NISCC) said in a statement that the malicious programs, which are delivered either as an attachment to an email or as a link and which exploit personal information on the user’s computer to appear legitimate, are specifically designed to retrieve ‘commercially or economically sensitive information’.
The attacks have been linked to IP addresses based in the Far East, the statement said. While mainly targeted at government organisations, many have also been directed towards businesses.
NISCC warned that anti-virus software and firewalls would not ensure complete protection from this wave of Trojans. “There is no complete mitigation for computers connected to the Internet,” the statement reads.
At Information Age’s Enterprise Security conference in May, Eric Perkins, head of IT security policy at the Foreign and Commonwealth Office (FCO), highlighted how the FCO had shut down all existing connections between its core internal systems and the Internet following a perpetual stream of attacks.
To reduce the potential damage, says the NISCC, businesses should focus their efforts on systems handling sensitive information such as commercial contracts, research and development and intellectual property rights.
Security measures recommended by NISCC include educating users not to open email attachments without prior communication with the sender, and to scan any attachments for viruses. The ‘AutoPreview’ capability in Outlook and other email clients should be turned off, and default options set to view emails as plain text.
The full report is available at http://www.niscc.gov.uk/niscc/docs/ttea.pdf.