Businesses in the U.K. face a sophisticated series of targeted Trojan e-mail attacks originating from somewhere in Asia.
The nation’s National Infrastructure Security Coordination Center (NISCC) has advised the British government and businesses that they are being targeted by a series of cyberattacks.
These Trojans have been seen in e-mail attachments or through links to a malicious web site. NISCC believes the Trojans would be used to covertly gather business and government data from machines they infect.
Showing a level of sophistication, the e-mails spoof sender addresses, and purport to contain relevant information in an attempt to coerce recipients into opening the attachments or visiting the criminal web sites.
Antivirus and firewalls may not completely protect against these Trojans. Researchers think the Trojans can be modified to avoid antivirus scans, and will use common ports to communicate back to their creators through a firewall.
The NISCC says it is working with Computer Emergency Response Teams worldwide in an effort to shutdown the IP addresses used to send and control the Trojans.
“We see more than a dozen new pieces of malware capable of stealing highly valuable and sensitive information every day,” said Carole Theriault, security consultant at Sophos.
“Trojans which allow unauthorised remote access to a computer pose a serious risk to all businesses. While it’s worrying that the UK’s critical infrastructure could be at risk, this also serves as a reminder to all UK businesses that they must keep their systems secure to avoid confidentiality leaks.”
NISCC director Roger Cumming said the agency could not name the countries of origin for the attacks without more evidence.
David Utter is a staff writer for Murdok covering technology and business. Email him here.
