Developments in the case against alleged ringleaders of a cybercriminal gang thought to be behind some of the most successful computer malware attacks of recent years took a dramatic turn last week. US authorities revealed they had managed to disrupt one of the two largest global cybercrime botnets that uses Gameover Zeus and CryptoLocker malware to steal personal and financial data from people's computers. Good news you might think. Yet, lest anyone should relax, the UK's National Crime Agency (NCA) wasted no time warning users they probably only had "two weeks" to take appropriate security measures before the cybercriminal community was ready to resume their activities.
Unsurprisingly this caused widespread alarm among thousands of computer users everywhere. But it's small business that should pay closest attention because they have more at stake than most. It's not just that the safety of their financial data is crucial to their prosperity. Should they fall victim to the scams behind these attacks they may also find their bank shows them less sympathy than its consumer customers. This is because banks will often insure consumers against this kind of thing while a small business is expected to demonstrate responsibility for its own security by ensuring it has up-to-date patches and the latest data protection software in place. For this reason, if you are a business owner and are at all unsure of your security situation, I would recommend you call on a local IT professional for advice about whether there are any additional security steps you can take to further protect your financial information.
Gameover Zeus and CryptoLocker have been around in various forms for some time and, so long as it's kept up to date, most reputable antivirus software can detect the malware at source and prevent it from entering your systems. The malware is spread through drive-by downloads (downloads triggered by tricking the user into clicking on infected files or email attachments without them realizing it). It can also come from browsing a website that downloads malware onto any unprotected computer that visits that site. It is also distributed through cybercriminal spam botnets like the one disrupted by the FBI via phishing attacks, where cybercriminals send counterfeit emails that appear to be legitimate communications from well-known businesses and organizations.
For a small business the fake emails are the hardest thing to protect against. No matter how security savvy you may be yourself it only takes one unwary employee to be tricked into opening an infected email attachment because they thought it was from a legitimate source like FedEx, Companies House, the Tax Office or your bank. The file inside the attachment is disguised as a harmless pdf or doc file but is actually an executable file. Infected email attachments with minor modifications to the malware are generated by the virus developers on a daily basis. There is always a small window of time between when the infected emails attachments are sent and the antivirus program is updated to detect the new files. Moreover Gameover Zeus is designed to remain ''unseen'' by users. It does not prompt the user and does not disturb the operation of the PC.
This makes them particularly dangerous for small businesses whose information systems hold sensitive data of all their customers and partners. Since there is no easy way of telling an attack has happened until well after the fact Gameover Zeus has the potential to do a lot of harm to a business's bank balance and reputation.
So, as a business owner, what should you do?
1. Educate your employees - make sure they know to stay more vigilant when opening email attachments and to always check the file extension before opening
2. Allow software to update automatically - to be most effective all software applications and operating systems should be updated regularly. You should also use a reputable frequently updated anti-virus software or cloud-based security service
3. Use a spam- and virus-filtering email service
4. Always back up your files locally - additionally, if possible, use an online back-up service as a failsafe and make sure that everyone knows master copies of all important documents should be stored there
5. Always monitor bank & credit card statements - and report any suspicious transactions (no matter how small)