UK foreign secretary: "We're under attack"

Filed Under: Data loss, Malware, Phishing, Spam

William Hague photo courtesy of Drown's Flickr photostreamYesterday, the UK foreign secretary, William Hague, explained to a security conference in Munich how cyber criminals were trying to infiltrate the UK government and defense contractors.

According to a BBC report, Mr. Hague explained that attackers had infected government computers with the Zeus trojan (Sophos calls Zeus "Zbot") in attacks similar to those on the Department of Homeland Security last June.

While I commend the government for publicly addressing these issues, I certainly hope this isn't news to those in the MoD (Ministry of Defence) or defense industries.

The types of threats Mr. Hague outlined are not just hitting the UK government. These types of malware, social engineering and targeted phishing are gaining momentum against businesses all over the planet.

Most of the examples he cited began as email attacks. While best practices suggest that you should block all executable content from entering your mail gateways, booby-trapped documents are still a risk.

Spend some time educating your users that Microsoft Office documents, PDFs and other commonly used file types can be dangerous. If you are not expecting a document, or if you find it out of context, don't open it.

Phone the person who appears to have sent it or use some other out-of-band communications method to confirm the document isn't phony.

For more information on how malicious PDF documents can be used to compromise your computers, check out "Finding rules for heuristic detection of malicious PDFs: With analysis of embedded exploit code", the paper that Paul Baccas from SophosLabs presented at the Virus Bulletin 2010 conference.

Creative Commons photo of William Hague courtesy of Drown's Flickr photostream.

, , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.