Network News

X My Profile
View More Activity

Britain's 'Critical Infrastructure' Under E-Mail Attack

Cyber-security officials in Great Britain issued an unusually dire alert today, warning that hackers are targeting e-mail-borne viruses against U.K. government agencies and high-profile British corporations with the aim of stealing sensitive and lucrative data.

The increasingly sophisticated attacks appear to be custom-made for each target, focusing specifically on individuals who have jobs working with commercially or economically sensitive data, according to a document released today by the National Infrastructure Security Co-ordination Centre. The attackers craft the e-mails so that they appear to originate from trusted contacts, news agencies or government departments, using distribution lists to target large numbers of recipients with similar interests, the report noted.

The NISCC -- the British equivalent of the Department of Homeland Security's National Cyber Security Division -- said it was releasing the information in the hope that companies and government computer users would be more vigilant about clicking on attached documents and Web links that arrive via e-mail.

"Parts of the U.K.'s critical national infrastructure are being targeted by an ongoing series of e-mail-borne electronic attacks. While the majority of the observed attacks have been against central government, other U.K. organizations, companies and individuals are also at risk."

The e-mails will often carry a short message urging the user to click on the Web link or attached file. The links and attachments attempt to download a "Trojan horse," a type of program named after the legendary stealth attack because it let hackers take quiet control of unsecured computers. Security firms have catalogued thousands of "Trojans" in recent years, and several new ones are spotted each week.

A wire story from the Associated Press quotes NISCC Director Rogert Cumming as saying, "We have never seen anything like this in terms of the industrial scale of this series of attacks. This is not a few hackers sitting in their bedroom trying to steal bank account details from individuals."

The AP piece notes that the NISCC traced the attacks back to computers in "the Far East," though those systems may not be the true source of the assaults, as hackers frequently route their attacks through multiple compromised computers.

Trojans can cause serious damage inside a network. They can be used to collect usernames and passwords, upload documents and data to a remote computer, even relay attacks against other computers and networks. Because most are configured to transmit data back to the attackers using the same methods as a common Internet browser, such communication is very hard to distinguish from regular outgoing Web traffic.

I've said it before, but it bears repeating: Never open, accept or download an e-mailed file or click on a Web link in an instant message if it comes from someone you don't know -- and even if you do know them, don't open it unless you know what the file or link is and were expecting it. If it comes from someone you know and you weren't expecting it, contact the sender by phone, e-mail or reply back to the message and ask what they're asking you to look at.

By Brian Krebs  |  June 16, 2005; 12:19 PM ET
Categories:  Latest Warnings  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Britney Spears Tops Celebrity Virus Ranking
Next: Canada, Australia Echo U.K. Cyber Attack Warnings

Comments

Interesting article. Thanks for printing it!

Posted by: David | June 17, 2005 12:19 PM | Report abuse

It will happen in the US next.

Posted by: michelle | June 19, 2005 10:47 AM | Report abuse

I expect it has been happening in the US for some time now.

Posted by: craig | August 16, 2005 10:43 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company