As part of a worldwide crackdown on cybercrime, the National Crime Agency (NCA) has released information on its website advising members of the public to tighten up their internet security following a series of malware attacks.
The warning suggests that due to action being taken by the NCA and other similar authorities internationally, members of the public have around two weeks to become better protected against two known forms of malware attacks. The reports from the international crackdown show that the global network of infected computers has been significantly weakened. Advice surrounding the warning asserts that protecting computers from such attacks can be as simple as checking that the latest version of online security product has been installed and running scans to rid infected computers of the malware.
The universal investigation into the two forms of malware, known as GOZeuS and CryptoLocker, follows discoveries that GOZeuS (or P2PZeuS) was responsible for the fraudulent transfer of hundreds of millions of pounds. Current estimates indicate that around 15,000 computers in the UK are infected, putting thousands more at risk.
Action being taken internationally has led to the shutdown of a vast number of infected devices, making it much harder for the infected computers to ‘communicate’ with other infected computers or the cyber ciminals behind them.
Both GOZeuS and CryptoLocker typically infect computers when the users click on seemingly innocuous attachments or links in emails which may appear to have been sent by a genuine contact.
If the file or link is clicked on by an unprotected computer, GOZeuS will download and install, often without the user’s awareness. It will then link the newly infected computer to a network of infected devices and continue to attempt to infect further machines by generating emails with links/attachments and sending them to the newly infected unaware user’s contacts. Those emails will appear to come from the user, making them appear genuine. The malware then remains on the computer monitoring the user’s activity until the opportunity to capture private information, such as banking details, arises. This information can be transmitted back to the criminals via the network of infected computers.
Should the criminal not be able to obtain funds from the user in this way, the secondary form of malware, CryptoLocker, can be brought into action. CryptoLocker is downloaded at the same time as GOZeuS but works in the background, encrypting the unknowing user’s files. Once it has successfully encrypted all of the files, a pop-up message can be sent to the device in order to inform the user what has occurred and often attempts to ransom the files. The rate is approximately £200 – £300 for UK users to retrieve their personal files.
This warning has come just after reports of eBay being hacked and owners of Apple products being ransomed through the ‘find my iPhone’ app. This level of hacking was thought to be due to the common password issue, with people often using unsecure passwords (such as names) for a number of their accounts.
A recent speech made by the Queen touched on the Government’s intentions to impose harsher sentences on those found guilty of cyber crime. The proposals to amend the Computer Misuse Act 1980 include the ability to impose a sentence of life imprisonment for criminals caught committing ‘serious cyber crime’. The plans have received mixed responses. Some firms raising concerns in respect of the nature of the work of researchers fighting against cyber crime, as many of them could have faced charges under the proposed changes.
Cyber crime can be a serious and very complex area of criminal law. If you have been accused of partaking in cybercrime at any level, it is imperative that you seek the advice of a specialist solicitor as soon as possible. Early advice is often crucial. It may be that your device has been used in cybercrime, without your knowledge. Here at Farleys we have a specialist team of criminal defence solicitors who specialise in serious crime and can provide advice and representation 24 hours a day, 7 days a week on all areas of serious crime. For 24 hour advice via our emergency crime line, call 01254 606050.