All posts by Sam Richardson

GameoverZeus and Cryptolocker: is your data protected?

A massive international anti-cyber crime initiative has recently made a breakthrough, with a wanted notice for Russian national Evgeniy Mikhailovich Bogachev issued by the US government. Bogachev is thought to be the mastermind behind two of the most recent (and most infamous) internet phishing schemes, commonly known as GameoverZeus and the Cryptolocker virus.

GameoverZeus is a piece of malware that, when deployed on a victim’s computer, is able to target and extract login information for applications ranging from social media and email accounts to online banking details. A different type of Zeus malware can also be used to install the ransomware Cryptolocker if the Zeus trojan is unable to find what it’s looking for.

As the Zeus family of malware are trojans, and are therefore not designed to be found, Cryptolocker has become slightly better known to users. Its function is to demand a ransom for certain files which have been infected by Cryptolocker. Affected users then face the dilemma of losing what is potentially an important file, or submitting to the ransom demands, with no real guarantee that they will get their file back anyway.

The US Department of Justice has officially issued charges against Bogachev, thought to be a ring leader of cyber-criminals, after the botnet that was operating the phishing scams was brought down. The effort was a collaboration between law enforcers from the US, as well as the UK and private security firms from around the world. The team was able to take control of the “Command and Control (C&C)” servers which had orchestrated the criminals’ operation.

However, the UK’s National Crime Agency (NCA) were quick to point out that this intervention is only temporary, as it would only be a matter of time before the criminals acquired new C&C servers from which they can run their operation. The NCA stressed to users the importance of ensuring that their computers were free of malware and protected against future infection.

The effect of the Zeus and Cryptolocker malware has been huge, and on a truly global scale. The scams can affect both home users and businesses and highlight the need to have the proper security measures in place.

Here at Backup Technology we have seen many of our customers affected by Cryptolocker in particular. Luckily, the files affected were securely backed up in our data centres, and so were retrievable. Had they not been backed up, the affected customers would have suffered the inconvenience, and potentially damaging effect, of losing important files.

If you feel you are vulnerable to either Cryptolocker or the Zeus trojan, why not make an enquiry about our Cloud Backup and Disaster Recovery services? They could end up saving you a huge amount of stress and money should the worst happen!

Heartbleed may decrease internet speeds

As the Heartbleed flaw in the OpenSSL security software spreads to cause more problems, one of the issues highlighted is the possible decrease in internet speeds. This possible drop in speed will most likely be caused by the number of sites refreshing their security certificates as part of everyday interactions on the internet.

Whenever one computer talks to another on the internet, e.g. a home PC or laptop connecting to a webserver hosting a website, security certificates are exchanged so that the two machines can be sure of each other’s identity. In short, because of the flaws in OpenSSL exposed by the Heartbleed bug, there are many more certificates being exchanged during these interactions, which causes the authentication process to take longer.

The estimated number of affected sites is thought to be around 500,000, and includes big names such as Google, Facebook and Dropbox, sites used every day by hundreds of millions. However, these bigger sites are thought to have patched the security flaws in OpenSSL, which will prevent cyber-criminals from attacking web servers.

The updating of security certificates ties in with OpenSSL, as it guarantees a site’s identity. OpenSSL simply transports sensitive data to a destination in a secure fashion, but once at the destination the two points communicate with each other in order to verify the identity of one another. If one machine can’t prove it’s secure, the information will not be delivered. This is the same principle as how your email client blocks an email address if you mark it as spam.

The Heartbleed bug virtually rendered OpenSSL (SSL stands for Secure Sockets Layer) insecure, as criminals could get their hands on the security keys of websites which used the software. Once stolen, criminals could then use the key to impersonate another legitimate website, in order to gain information illegally.

The fact that big companies like Google or Facebook were affected does not mean that these corporations don’t take security seriously; it just highlights how common the use of OpenSSL is on the internet. This in turn highlights how quickly a virus or another security scare can spread across the internet if such a flaw is identified.

Some are now calling for these big companies, and governments, who use the OpenSSL software to a huge extent, to contribute to its maintenance and future research. Currently, annual donations to the OpenSSL foundation amount to $2,000, a mere pittance to somebody like Google or Facebook.

Programming Error Costs Co-Op Bank £110m

The Co-Operative group has been dragging its name through the mud again recently, adding to the mess that has already been made during the most turbulent period in the group’s history. This particular episode comes again from the Co-op Bank, which has come in for particularly heavy criticism recently following a series of revelations.

An extract from the bank’s financial report for 2013 states that interest refunds relating to technical compliance with the Consumer Credit Act have also been provided for (£110m). It is suspected that this refers to a group of annual loan statements that were distributed 368 days after the previous annual statement. This has been blamed on a coding error in the program that automatically generates the statements, which did so 3 days late. The bank has yet to confirm the cause of the late statements, but a report by The Grocer strongly suggested that a coding error was to blame.

The reason the figure of £110 million is a “refund”, and not a fine, relates to the statements being released 3 days late. In this case, the law states that all interest earned by the Co-op Bank during this period now has to be refunded because the statements were released after the 365-day period. It’s a technicality, but it’s a mistake that has cost the already cash-strapped bank a huge amount of money. It also makes the already slippery slope to recovery even more slippery.

The bank had already reported losses of £1.3 billion for 2013, and has barely been out of the news over the last few months since the highly public shaming of former boss Paul Flowers for “lavish” expenses as well as “inappropriate content”. Flowers resigned his post in June 2013, followed by the Co-op group chairman Len Wardle in November of last year. Even more recently, Lord Myners, who was brought in by the Co-op board to turn things around at the beleaguered group, resigned only a few weeks ago amid expectation his plans for reformation of the group’s board and management structure were to be rejected.

Windows XP: End of Life

Tuesday 8th April 2014 marked the end of life for Windows XP. The archaic OS, which has been one of the most popular of the Windows operating systems released in the last 13 years, finally reached EOL (end of life) yesterday and was put to eternal rest. The software giant will still release “virus warnings” related to the OS; however, no fixes will be offered as part of update packages.

Microsoft will no longer be releasing any Operating System updates after the last batch were rolled out yesterday. Therefore, the highly popular OS will no longer be supported.

Many readers will be thinking, “this makes no difference to me, I upgraded to a newer Windows OS many moons ago”. Well, hold on there, sister, because you may well find yourself caught short by this momentous clocking off of one of the world’s biggest support teams.

Millions of devices still use Windows XP; it’s thought that roughly 25% of all desktops are still running on it. Some of these devices are the backend to important services we use every day, such as ATMs.

The cessation of further security updates leaves these devices open to security vulnerabilities as hackers develop ways to exploit any remaining security flaws in the OS itself. If such a vulnerability were targeted towards an everyday service like ATMs, the knock-on effects would be huge, affecting millions of people across the globe.

ATMs are just one example, but if something as common as this can be affected, it is reasonable to assume that other everyday services will be affected.

XP itself was released in 2001, originally with a 10-year support life. However, after realizing its popularity in 2007, Microsoft decided to extend this support life to accommodate the many users. But all good things must come to an end, and Windows XP is no different. The extent of its expiry as yet remains to be seen, but it seems only a matter of time before we read the latest story about exploitation of a security flaw.

LinkedIn Email Addresses Exposed by Plugin

A Google Chrome browser plugin can be used to expose the email addresses of LinkedIn users.

The plugin, called Sell Hack, can be installed on any Chrome browser and when users of it browse LinkedIn profiles, a “hack in” icon appears.

LinkedIn is said to be taking legal action over the plugin and has advised users to uninstall it. However, the nature of the plugin is such that its users will most likely not heed LinkedIn’s warning until threatened with stronger action.

Sell Hack insists that the tool was created for marketing professionals and that all data is publicly available. On its website it said: “We just do the heavy lifting and complicated computing to save you time, We aren’t doing anything malicious to LinkedIn.”

LinkedIn, however, issued Sell Hack with legal documents. A spokesman said: “We are doing everything we can to shut Sell Hack down. On 31 March LinkedIn’s legal team delivered Sell Hack a cease-and-desist letter as a result of several violations”.

LinkedIn, as of June 2013 (more recent stats couldn’t be found) had 259 million users, so the potential number of affected users is likely to be huge.

Google Chrome has many plugins and tools that can be downloaded free of charge by users. Whilst most have no malicious intent or use, most plugins are produced by third parties, so the potential for malware to be produced is there.

The full consequences of the plugin are yet to surface; however, it is expected that many users will certainly receive nuisance emails as a result of this.

World Backup Day Offer from Backup Technology

31 March 2014

Backup Technology is offering a month’s free Cloud Backup to mark this year’s World Backup Day which takes place today (March 31).

We will provide one month of FREE Cloud Backup for new customers who take out a standard twelve month minimum contract and two months FREE Cloud Backup for new customers taking out a minimum 24 month contract. The offer ends at midnight on Friday 11 April.

Rob Mackle, Sales Manager and Channel Sales Manager EMEA for BTL, said: “Computer hard drives fail and that rate of failure increases the older the hard drive gets, so World Backup Day is a reminder of how important it is to have a secure backup solution in place. We work with enterprise business, consumer brands, consultancies and charities, all of whom need secure, reliable and scalable protection for their data.”

BTL’s Cloud Backup offering is based on Asigra software and fits the Private Cloud, Public Cloud and Hybrid Cloud requirements for any size of environment, on and offsite. Asigra is the world’s leading Cloud Backup software developer and BTL is its largest global partner.

The BTL offering provides an Enterprise and WAN optimised solution, allowing large amounts of data to be protected over small bandwidth connections. BTL’s proprietary portal enables centralised web-based monitoring and consolidated daily emails giving customers full transparency of backups on a real time basis.

BTL is part of UK cloud company iomart and currently protects over 15 petabytes of data in the public and private cloud for customers including leading disability charity Papworth Trust. Read how BTL helped the Trust adopt a more streamlined approach to backup here: http://www.backup-technology.com/downloads/papworth-case-study-.pdf

To take advantage of our World Backup Day offer call us on 0800 999 3600, email sales@backup-technology.co.uk or Tweet to @backuptech
