Tag Archives: Bitdefender

IS cyber attack on the UK “could cripple all forms of communication and infrastructure” warns Bitdefender

Following the news that the British Government is set to double UK cyber crime funding to combat the IS threat, Catalin Cosoi (chief security strategist at Bitdefender) offers an insight into what an Islamic State-orchestrated cyber attack might look like and where defences must be improved.

“A cyber attack from Islamic State could have devastating consequences for British businesses and infrastructure.

“As organisations continue to deploy innovate technologies to increase productivity, the number of attack surfaces is increasing and leaving businesses exposed.

“A possible worst case scenario is the crippling of all communication and critical infrastructures, ranging from mobile phones to water supplies, electricity and gas. This could be co-ordinated alongside a physical tactical assault, as disrupting any form of communication or Internet-connected technology could be used as a serious tactical advantage on the ground.

GlobalInternetConcept2Page8

“It’s conceivable that, although IS might not have the necessary technical skills, it could potentially outsource these types of attack to parties that do. After all, the black market is now riddled with such services, all waiting for the right buyer.

“Adding £1.9 billion per annum to the budget for fighting cyber crime is a step in the right direction, but this needs to be supported with an extensive review of critical infrastructure.

“There have been several incidents where industrial SCADA systems have been found plugged directly into the Internet and accessible by anyone. If this situation doesn’t change, we’re leaving the door open for any organised attacker including IS.”

Security threat countermeasures

Catalin Cosoi’s work is helping to set the agenda for the development of new security threat countermeasures.

Over the last 11 years, Cosoi has acquired a thorough understanding of key areas of technology such as cloud computing, outbreak detection, proactive phishing detection and mobile threats.

Bitdefender is a global security technology company that delivers solutions in more than 100 countries through a network of value-added alliances, distributors and reseller partners.

Since 2001, Bitdefender has consistently produced award-winning business and consumer security technology, and is a leading security provider in virtualisation and cloud technologies.

*More information is available at: http://www.bitdefender.com/

Advertisements

Leave a comment

Filed under Risk UK News, Uncategorized

“‘Clean’ Microsoft Office documents deliver cyber threat” warns Bitdefender

Bitdefender, the anti-virus solutions specialist, is warning Microsoft Office users about the emergence of a new spam campaign that’s looking to trick anti-spam filters in order to allow spam to pass freely into mailboxes. The campaign’s success is elevated due to the attachment of what appears to be a ‘clean’ Microsoft document alongside the spam e-mails.

“For a few days, cyber criminals have been sending targeted e-mails to management departments,” explained Catalin Cosoi, chief security strategist at Bitdefender. “The e-mails look like a tax return, a remittance or some kind of bill from a bank and carry a Microsoft Word or Excel attachment. If you’ve recently received an odd tax return or a similar request via e-mail then you may not want to open the file.”

The e-mail isn’t stopped by anti-spam filters because the file itself is clean. The trap lies in the use of macros within the document. Those lines of code, adopted in Microsoft Office, are generally used to create formulas or a repetitive task, but they can also interact with the whole Windows environment and have an impact on an entire system.

A new cyber campaign is designed to trick anti-spam filters such that they allow spam communications to access mailboxes

A new cyber campaign is designed to trick anti-spam filters such that they allow spam communications to access mailboxes

The code in these ‘clean’ documents is a command for the victim’s computer to download a piece of malware from a remote server that will execute automatically, with the macro code disguised to bypass traditional anti-viruses.

Cosoi continued: “The malware on the remote server is either a ransomware or an industrial espionage tool. Both are as dangerous as they look. The effect of the ransomware is immediate as it can encrypt a company’s important files and ask for a ransom. The espionage tool can be even more vicious depending on what kind of files it’s able to access.”

In order to prevent the threat, a company’s network needs security from end to end. There cannot be any reliance on a single defence.

Bitdefender recommends using an anti-virus solution that proactively protects against threats in order to block the danger before it even has the opportunity to send a command – in this case, to prevent the macro from downloading the malware.

Leave a comment

Filed under Risk UK News