This month, the media has been awash with stories on cyber crime. The most recent and prevalent threats were the CryptoLocker Virus, which was intercepted by Europol’s European Cyber Crime Centre, and a piece of malware called GameOver Zeus, which the US government has described as the most “sophisticated and damaging botnet we have ever encountered”.
In the case GameOver Zeus, the group behind the attack crafted a phishing email to trick their way on to the victims' machines, often masquerading as urgent messages from government bodies.
Once the recipient clicked the email’s attachment or embedded link, the virus installed itself on the victim’s machine. US court documents say GameOver Zeus has caused $100m in losses to individuals and businesses since it first surfaced in 2007, with its primary purpose to capture banking credentials that would allow the hackers to steal huge sums of money and personal data.
CryptoLocker, on the other hand, is a piece of malicious software known as ‘ransomware’. Once installed, the malware encrypts data on an infected computer making it inaccessible until a ransom is paid. International security services estimate that almost $30m has already been extorted from people with infected computers.
With the World Cup in Brazil now underway, computer security software company MacAfee has pulled together a ‘red card club’ showcasing the top 11 Brazil-bound players considered to pose a significant online security threat.
According to MacAfee, football fans have a 3.7% chance of landing on a website that has tested positive for online threats and malware. For example, cyber criminals are most likely to use Cristiano Ronaldo to lure visitors to web pages designed to infect them with malware. Furthermore, sites purporting to offer screen saver downloads and videos of players are considered to be the most hazardous.
To mitigate the threat of scoring an inadvertent own goal this summer, web users can ensure a strong back line by implementing these four defensive principles:
- Use and maintain anti-virus software to protect your computer against most known viruses.
- Change your passwords regularly and make back-up copies of important files that cannot be replaced if lost.
- Beware of content that prompts you to download anything before providing you with the content. Instead opt to watch streaming videos or download content from official websites.
- Keep operating systems and application software up to date and use anti-malware tools to help eliminate infections. Install software patches so attackers cannot take advantage of known problem or vulnerabilities.
In the event you find yourself the victim of one of these malicious attacks, do not despair. The Computer Misuse Act, Data Protection Act and established criminal proceedings for blackmail and extortion can help ensure a strong and successful counter-attack.
Thomas Harris is digital forensics and security expert at Schillings
This was first published in June 2014