Gameover Zeus Botnet Illustrates Need for Heightened Internet Security

By Bruce Anderson, Special for USDR

The U.S. Justice Department announced on June 2, 2014, that anywhere between 500,000 and 1 million machines worldwide were affected by the Gameover Zeus virus, which stole banking passwords, and CryptoLocker, which encrypted files and blackmailed the users for their release.

In a joint effort of the FBI, Europol and the National Crime Agency of the U.K., investigators launched a multinational counteroffensive against the cyber criminals and disrupted the Gameover Zeus botnet, which was formed with infected computers from around the world.

Authorities filed criminal charges including conspiracy, computer hacking and bank fraud against Evgeniy Mikhailovich Bogachev of the Russian Federation, citing him as the administrator of the Gameover Zero botnet.

The Department of Homeland Security’s Computer Emergency Readiness Team has set up a website at https://www.us-cert.gov/gameoverzeus that victims of the Gameover Zeus virus can visit to gain assistance in eliminating the malware from their computers.

Why do these attacks continue to pop up and do damage?
– Driven By Financial Motivations (Hackonomics)
Hackers possess special skills and knowledge that enable them to penetrate computer systems. In some cases, hackers’ motivation may move beyond mere curiosity as they use their abilities for financial gain.

The RAND Corporation and Juniper Networks issued a report entitled “Hackonomics: A First-of-Its-Kind Economic Analysis of the Cyber Black Markets” in March 2014. The report notes that the cyber black market is more profitable than sales of illegal drugs globally. RAND reported that hacker black markets are reaching a level of economic maturity that’s comparable to other free and open markets. Their strength can be attributed in part to criminals’ use of social networks, such as to advertise or exchange stolen credit card information anonymously from any location.

– Driven By Organized Crime
Wherever there’s money to be made, you can rest assured that criminals will swarm in to get a piece of the action.

Gordon M. Snow, Assistant Director of the FBI’s Cyber Division, testified that criminals are forming organized groups that they can keep trust and keep private. They bring together individuals with a variety of skills to pull off increasingly complex cyber crimes.

Not only are cyber criminals becoming more skilled at remotely penetrating systems, they are improving their abilities to trick targets into exposing their own systems to attack.

Why does it seem like the notifications are always too late?
Computer users may be lulled into a false sense of security when they install anti-virus software on their systems. Signature-based anti-virus approaches do not pick up new strains of malware.

As many as 2 to 3 days can pass before the security industry is able to decipher what is going on with the latest malware release. By that time, unfortunately, it has spread globally. Moreover, the longer casual computer users go without learning about the latest malware, the more chance viruses have of gaining a foothold in their systems.

Can you put a price on Internet protection?
Malware attacks hit us on many fronts. Victims are exposed to identity theft, enabling criminals to drain their bank accounts and open new lines of credit in their name. Hackers will use stolen information and account logins to damage a victim’s reputation, such as by sending out fraudulent email in their name.

Cyber criminals also resort to blackmail and extortion. For example, they could use a virus like the aforementioned CryptoLocker virus that held people’s files hostage until they paid up. Other criminals will override the built-in camera on a victim’s laptop and use it to take incriminating and embarrassing images and videos, demanding money to prevent their release.

How can we protect ourselves against these constant attacks?
We have a variety of means at our disposal to safeguard our computer systems and keep our private and sensitive information out of the hands of cyber criminals:

* Use secure passwords. Never use a word that appears in a dictionary for your password. It’s best to use passwords that include letters and numbers. For added security, make a password by combining several unrelated words.

You could also generate a passphrase by taking the first letter of each word in a phrase. Don’t use the same password for all your accounts, and change your passwords on a regular basis.

* Keep your browsers patched and up-to-date. Criminals find weaknesses in older versions of software, so it pays to stay on top of new releases.

* Utilize anti-XSS plug-ins in your browser. They help protect against cross- site scripting attacks when you are browsing websites.

* Use cookie cutters. These utilities enable you to selectively edit your cookie files. This is beneficial, since people sometimes avoid deleting all their cookies, because doing so makes it more convenient for them to visit websites without logging in or needing to reset their preferences for any particular site.

* Take steps to protect your privacy. For example, attach a lens cover or a piece of opaque tape over the lens on your desktop or laptop computer in case criminals use malware to take over the camera.

* Stay away from malicious links. If you receive a link via email or text from someone you don’t recognize, resist the temptation to click it. Criminals use malicious links to send you to websites that attempt to install malware on your computer.

* Always update your anti-virus software. You can typically set it up to automatically update whenever a new release is available. Keeping this valuable resource current will help ensure you stay ahead of many types of malware.
However, you should remember that anti-virus companies can’t catch everything in time, so pay attention to how your computer is functioning, as degraded performance could indicate a malware attack.

* Keep your computer networks up-to-date as well. Using the latest version of software and operating systems ensures that you have a measure of protection against emerging malware threats.

* Update your applications. No software is 100 percent perfect, and criminals have plenty of time to find and exploit weaknesses in a variety of applications in unpredictable ways.

* Put your network behind a Next-Generation Firewall. It uses deep packet inspection combined with an intrusion prevention system and control over applications. You need to install the most robust firewall system to keep out intruders and protect your critical information from exposure and theft.

* Consider having your network monitored, in a fashion similar to the alarm systems used to protect people’s homes. Managed Security Service Providers provide you with 24/7/365 monitoring of your critical data, external and internal threats and then mitigate those threats by sorting out “false positives” from real threats.
By taking the necessary precautions to keep your computer system safe from Internet intrusions, you reduce the risk of identity theft, financial loss, damage to your reputation and significant downtime from repairing damage caused by cyber criminals.

Author Bio
Bruce Anderson is a Senior Security Analyst and co-founder of CIS Cyber Security, www.CISCyberSecurity and Cyber Investigation Services LLC. His firm is a leader in cyber security consulting, managed security services and cyber investigations in the U.S., U.K. and Canada. Mr. Anderson is licensed as a Certified Ethical Hacker and Certified Security Analyst and is a nationally recognized speaker on cyber security matters. For more information on Cyber Security for your organization or to make requests for speaking engagements, contact sales@ciscybersecurity.com.

All opinions expressed on USDR are those of the author and not necessarily those of US Daily Review.

Leave a comment

Your email address will not be published.

*