Game Over, Zeus

By Bruce Anderson , Special for USDR

A little over a week ago, the U.S. Justice Department announced an international law enforcement mission designed to stop the GameOver ZeuS virus, which had infected 500,000 to 1 million PCs. Users with infected PCs saw their personal data, sensitive documents, and online banking passwords hacked. Some were even blackmailed for the release of their files. Finally, the hacked PCs were also being used by spammers to extort money from users.

According to U.S. Justice Department statistics, GameOverZeuS is tied to personal and businesses losses of over $100 million. While users of infected PCs felt a real and devastating loss from this latest cyberattack, the rest of us feel frustration that this sort of thing continues to happen and that criminals get away with it, at least for a little while.

Why do these sort of attacks continue to happen?

Unfortunately, as long as these sort of hacks continue to provide income, hackers will continue to try them. From the hacker’s end, there is little work that needs to be done to set up a hack. Once a PC is infected, it will harvest sensitive data for the hacker who can sit back and earn passive income from his work. This also makes it attractive to organized crime.

The Target data breach of 2013 was purportedly backed by Russian mobsters. Indeed, the Russian mobsters have the financial resources, time, and skills to create large-scale global hacks like the GameOver Zeus Virus. Many are former KGB officers who realized they could use the information and computing skills they had gleaned from spy careers to earn revenue as hackers, CNN reports.

What does it feel like the attack notifications come after the damage is already done?
It always feels like you only receive notice or confirmation after your computer or email account is already infected with a virus. While anti-virus programs can recognize and respond to existing malware and virus strains in a matter of minutes, they cannot immediately recognize something they have never seen before. These types of threats are called Zero Day attacks and can take as long as 2-3 days in the wild before an anti-virus program to detect the new strain of malware or virus. Meanwhile, the virus has already worked its way through your computer, compromised your system, spread through your computer to others, and sent sensitive information to hackers.

There is a steep price attached to this sort of crime. As in GameOverZeuS, users are being subjected to blackmail and extortion to gain access to their sensitive documents. Many users have also suffered a financial loss. While credit card companies and banks can work with users to restore and funds that were missing as a result of the hack, this can take weeks. There is still a real, short-term financial loss that can affect the ability to pay bills. Finally, personal identity and reputation can become damaged as a result of the virus. If the virus spread from your work email account, clients may see you in a negative light. I our personal information is stolen and someone impersonates you, it can impact your reputation online and in the real world.

How can we protect ourselves from these attacks in the future?

There are many different methods you can use to protect yourself against cyber attacks. Taken together, they provide some measure of security and peace of mind that your computer, your financial assets, and your identity are safe.

a. Use secure passwords: Many hackers take advantage of weak passwords that are easily guessed. Ensure that any account password is strong. If you’re not likely to remember a complicated password, use a password utility (such as LastPass) that automatically stores and remembers passwords for you. While users continue to hear this warning, statistics show that users are still using simple passwords to protect valuable information.

b. Keep your browsers patched and up to date: Hackers also take advantage of outdated software, which may have security loopholes that facilitate access. By regularly culling cookies and using anti XSS plugins, and anti-phishing plugins you increased your safety when browsing the internet.

c. Stay away from malicious links: Phishing emails can mimic emails from known companies in an attempt to get you to click on a link that infects your computer. Imagine you getting an email from your sister or your immediate boss with a believable message, most people will open the email.

d. Keep your anti-virus up To date: Your anti-virus software is a first-line defense to attacks. By keeping it up to date and by ensuring it routinely scans your computer, you’ll be able to remove malware and viruses to minimize your exposure. However, they are not the answer to all of your problems as advanced hackers can very easily bypass anti-virus by obfuscating and compressing the information sent to your computer.

e. Keep your computer networks up to date: Regularly updating networks to the latest software ensures that they are protected by the latest security measures, minimizing your exposure.

f. Keep your applications up to date: Just as old browsers have loopholes, old software can have loopholes that make it easier to infiltrate. Keep any applications up to date and strongly consider removing any applications that you no longer use so they cannot expose you to risk.

g. Put your network behind a next generation firewall: As gatekeepers to your network, firewalls examine packets of data that attempt to access your network. They can deny access to suspicious traffic and can also block certain applications from accessing the internet.

h. Consider having your network monitored similar to an alarm system on your house: If all of this seems like a lot of work, a network monitoring system may be a good idea. These types of services monitor your network and alert you of any suspicious activity, and then remediate the threat for you.

While these attacks are scary, you must accept responsibility for your sensitive data or risk losing it to a hacker. Cyber security experts can help you take these actions to protect your data through a 24/7/365 monitoring services that can protect your home our business network.

Author Bio: Bruce Anderson is a Senior Security Analyst and co-founder of Cyber Security www.CISCyberSecurity and Cyber Investigation Services LLC,. His firm is a leader in Cyber Security consulting, Managed Security Services and cyber investigations in US, UK, & Canada. Mr. Anderson is licensed as a Certified Ethical Hacker and Certified Security Analyst and is a nationally recognized speaker on cyber security matters. For more information on their services or speaking requests contact sales@ciscybersecurity.com.
Sources: http://money.cnn.com/2011/07/27/technology/organized_cybercrime/

All opinions expressed on USDR are those of the author and not necessarily those of US Daily Review.

Leave a comment

Your email address will not be published.

*