Today marks the two-week deadline for the ownership of the Gameover Zeus (GOZeus) botnet after control was seized by the UK’s National Crime Agency, the FBI, Europol and a number of security companies.
In a warning issued by the NCA, it said that after the international action on the 2nd June, which temporarily weakened the global network of infected computers, providing a two-week opportunity for members of the public to rid themselves of the malware and help prevent future infection, but warned that enhanced security will still be effective against cyber crime threats, but may not give the enhanced protection available while the GoZeuS and CryptoLocker system is at its weakest.
It said that current indications are that infections in the UK have reduced since the 2nd June, but thousands of systems remain affected or at risk. Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit, said: “While there is never a bad time to maximise your online security, and it is something we should all do regularly, acting now can provide unprecedented levels of protection from these types of malware. If you haven’t already, we urge individuals and small businesses alike to take action this weekend.”
However TK Keanini, CTO of Lancope, said that this will likely have little effect as the sad reality is that most people just don’t update their Operating Systems and security software. “These cyber criminals prey on those who don’t even read these advisories,” he said.
“This event was certainly a win for the defenders because it changed the economics of cyber crime. Rarely do defenders raise the cost to these cyber criminal operations but this joint effort really disrupted the bad guys. We need to do more of this until it is not an attractive business to pursue cyber crime.”
Keanini said that the two week window was likely an estimate based on how quickly the criminal gang behind these botnets was likely to regain control of infected systems, but said that there is still time to take action.
Calum McLeod, VP of EMEA at Lieberman Software, said that as far as the consumer goes, it’s a lost cause. “How do you educate an IT illiterate population about the need to disable privileged access on their home PCs, and stop watching videos of puppies running around? Maybe we need to consider an ‘IT driving license’,” he said.
“We don’t let people drive cars until they demonstrate that they’re not a danger to themselves and others, and maybe the same needs to apply to the Internet.As far as anyone taking steps to protect themselves, most are more worried about the World Cup, Ukraine, and nutters in Iraq than they are about botnets. In any case since it’s yesterday’s news in the mainstream media who are more concerned with overpaid footballers than criminal activities on the net.”
In agreement was Dwayne Melancon, CTO of Tripwire, who believed that the majority of the public haven’t been paying attention to this issue, which is how we got into this situation in the first place.
He said: “Many of the recommended actions fall into the category of ‘good hygiene’ in the computing sense, but it is notoriously hard to get the average user to keep things secure and up to date. Therefore, while I think this was a good idea, I’ll be surprised if it makes a material difference in the reach of the bonnet.”