Slashdot Mirror


UK Critical Structures Targeted by Trojan Attacks

ElGanzoLoco writes "The UK's National Infrastructure Security Coordination Centre is reporting that key British infrastructures (government, telecom, transports, banks among others) are under attack by specific, targeted e-mail trojans. According to their report (PDF), 'the emails use social engineering to appear credible, with subject lines often referring to news articles that would be of interest to the recipient. In fact they are "spoofed", making them appear to originate from trusted contacts, news agencies or Government departments.' The attackers are apparently trying to gather sensitive or secret data. While the NISCC has not been able to precisely trace the attacks' origins, most IPs seem to trace back to Far-East Asia."

10 of 102 comments

  1. lol? by Anonymous Coward · · Score: 3, Interesting

    If this is a sustained attack:
    1) block these emails
    2) educate staff to be aware of this at least in the short-term
    3) hold educated staff at least partly responsible for any infections that result from this attack
    4) we need to vote in a government that actually knows how to use a computer

    1. Re:lol? by BiggyP · · Score: 3, Interesting

      It could be that a lot of these links, the ones that appear dead, do so only because the spoofing vulnerability in use doesn't work in the browser you're using.

      Imagine if the UK government stopped wasting vast amounts of money licensing Windows for their end users and switched to something a little less bug-ridden.

  2. Far East Asia? by EQ · · Score: 3, Interesting

    Perhaps the fabled North Korean Super Hackers at work?

    Although why would they want anything to do with the UK? Isn't it the USA that's their bête noire?

    --
    Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo! http://goo.gl/J9bkO
  3. China and Russia according to Radio 4 by lxdbxr · · Score: 4, Interesting

    On the Radio 4 "Today" program this morning they covered this story, the correspondent basically said that NISCC knows where the attacks are coming from (& I would be surprised if they didn't, NISCC are pretty competent people), but did not spell it out in the report to avoid diplomatic complications. The Radio 4 guy reckoned that these specific, targeted attacks (mostly against gov.uk) were coming from China and Russia, though whether private or state actors he didn't say.

    No mention of North Korean superhackers, I was a little disappointed :-)

    --
    -- Nothing unusual happened today
  4. Re:"Secret" data? by Kinky+Bass+Junk · · Score: 2, Interesting

    So how the hell would these PC leak SECRET data at all?

    IANA, but in my understanding if a PC is compromised by a trojan, there is a lot it can do. Now confidential data may only be held on secure systems, but what happens when Joe from upstairs needs a copy of this, and for ease of work Jim (with a compromised machine) emails it to him, after getting it manually? A combination of social engineering and use of compromised machines could get you a plethora of sensitive information.

    --
    Anonymous Coward
  5. Re:Political Spin? by SenseiLeNoir · · Score: 1, Interesting

    Yes, but Tony B-Liar will have a MUCH tougher time trying to convince the rest of parliament and the UK Public to go after NKorea, or China just because of a few trojan emails.

    The British public will blame the government for the lack of security rather than blame N.Korea, et al for this.

    Mind you, this may be good for Linux Adoption!

    --
    Have a nice day!
  6. Why on Earth are these machines running Win32? by SysKoll · · Score: 1, Interesting

    From the article: Implement operating system and software updates to patch the vulnerabilities exploited by these trojans. As Microsoft Office vulnerabilities have been particularly exploited, advice contained in all Microsoft security bulletins should be followed. These can be found at: Microsoft Security Bulletin Search http://www.microsoft.com/technet/security/current.aspx

    Maybe I am missing something, but why do the Brit spooks perform classified work and put secret documents on Windows machines? If all they want is to provide a click-and-drool interface to their secretaries, the Mac is perfect, not to mention open-source OSes.

    So why are the British taxpayers allowing them to weaken national security and waste their money, just to enrich a non-UK software company? Isn't it betrayal?

    --
    Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/

  7. Re:"Secret" data? by kc0re · · Score: 2, Interesting

    No, what he's saying is... SECRET and CONFIDENTIAL machines are connected to a "net" but not /the/ net. See there are other "nets" that never ever touch the internet. So his question is, how did information on a totally separate net get onto the internet... The answer to that question is thumbdrives, floppies, or god forbid, a SECRET machine plugged into the Internet.

  8. Re:Shocking by goatan · · Score: 2, Interesting

    I've got some balls alright, I simply tabbed once too often.

    We have seen major phishing attempts on the big US corporations for a while now, and people have been faking mails from ebay and the banks and everywhere else.

    Only now that UK organisations are targeted do they start moaning.

    There should be a concerted effort to stamp out this kind of shit targeting whichever organisation WORLDWIDE, not just a namby pamby "oh look our companies is getting done over". Organisations and ISPs should supply enough information about online fraud to everyone who needs it, and shouldn't wait until they get hit.

    Umm these sort of attacks have been known about for a long time this is information about a specific problem it's called a warning it allows others to be aware that there is a new round of attacks going on and to be prepared if these e-mails come their way, that way less damage is done.

    Do you think it's better that no one knows about this latest round of attacks or should we twiddle our thumbs saying "everyone else should know about this we have no responsibility to help"?

    --
    Saying Apple is better than MS is like saying Botulism is better than rabies.

  9. Re:"Secret" data? by Jon+Chatow · · Score: 2, Interesting

    All government departments now live on email - email over the Internet, that is - including with non-governmental parties and non-secure systems, all the time. The idea that they could function without being connected to the Internet, but simply some private internet, is unworkable.

    Nor, for that matter, could they do what bits of the Armed Forces do - all emails to the outside world go to a special room where trained security operatives read the outbound email on one screen (a computer on the white network) and type it into another machine (on the black network), checking for release of documents. This is because "Here is today's draft of the Green Paper - any further comments", with a 500-page confidential document attached, is not something that can be readily re-typed. For "confidential"-tagged (and even sometimes "secret"-tagged) such situations, think of the CSRs (comprehensive spending reviews), where the Treasury gets terribly uppity about security.

    --
    James F.