Patch and patch again to beat new wave of Trojans, says government

Banks have moved to strengthen their perimeter security following government warnings that businesses are at risk from a new wave of e-mail Trojans.

Banks have moved to strengthen their perimeter security following government warnings that businesses are at risk from a new wave of e-mail Trojans.

The Trojans are designed to surreptitiously gather economic and financial information from computer systems.

Officials from government body the National Infrastructure Security Co-ordination Centre met with security specialists from the major banks last week to advise on countermeasures.

Tom Salmond, IT security specialist at the Association of Payment Clearing Services, said, "It is not just the banking industry that is being targeted; it is any corporate that has access to information about IP or contracts that is targeted."

The attacks, which have been traced back to IP addresses in the Far East, are of an industrial scale, well organised and require a lot of resources, said Roger Cumming, director of NISCC.

"The attack is clearly not targeted at stealing money. It is aimed at gathering information. It is extremely well organised and requires quite a lot of resources to execute," he said.

NISCC called for concerted action by businesses in every sector to ensure they upgraded their anti-virus systems, downloaded the latest security patches and configured firewalls to block any unauthorised attempt to connect to their network.

The centre has mounted a behind the scenes programme to alert over 300 government and private sector organisations responsible for the UK's critical services to the risks. It has also worked with virus companies to ensure the Trojans are detected by anti-virus software.

"Our philosophy is that if everyone in the UK was to adopt our advice and install all the latest patches, that attack would not have any impact on UK plc," said Cumming.

Bank security chiefs are bolstering defences on their network and reminding staff about the dangers of opening suspicious e-mails.

"We are looking at how we can block this stuff at the perimeter. We are effectively doing content filtering," said one head of security.

"We are also being much more vigilant in terms of user awareness, particularly about opening unsolicited mail. Spoofing is an increasing threat," he added.

John Meakin, head of security at Standard Chartered Bank, said his bank was testing its intrusion detection systems, and vulnerability scanners.

"General good housekeeping would substantially mitigate the risks," he said.

The attackers have used a wide range of custom and existing Trojan software which has been modified in an attempt to evade anti-virus systems. The Trojans transmit information back across the internet, but specialists say the traffic is difficult to detect.

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.