Over the last couple of weeks, you may have heard about the imminent global security threat posed by GameOverZeus and Cryptolocker, announced by the UK’s National Crime Agency (NCA).
Highly sophisticated malware, GameOverZeus and Cryptolocker are believed to have infected over 250,000 computers around the world – 15,500 in the UK alone – since the risk was identified in April 2014.
What’s more, the malicious software is also responsible for around £60m worth of global fraud.
So what is this malware, how does it work and how can you protect your business against infection and potentially significant financial loss?
Our article answers these questions, explains how to protect your business and also how Air-IT can help keep your IT systems safe.
About GameOverZeus and Cryptolocker
GameOverZeus, sometimes called GOZeus or P2PZeus, and Cryptolocker were developed by criminal gangs in Russia with the aim of stealing and extorting money from individuals and businesses running computers with Windows-based operating systems.
GameOverZeus is a Trojan virus that’s carried as a link or attachment within a ‘phishing’ email that looks like it’s come from a trusted source, such as a known contact or financial institution.
When the link or attachment is opened, the malware is unleashed and silently searches your computer for files containing financial information, such as bank log-in details and passwords, which it then transmits to the criminal gangs.
If GameOverZeus doesn’t find anything of sufficient worth, then Cryptolocker ‘ransomware’ may be deployed.
This encrypts the files and folders on your computer’s hard drive. When this process is complete, a pop-up will appear advising that you have a set time period to pay a ‘ransom’ and unlock your files before they’re permanently deleted.
[Image: Cryptolocker ransom pop-up]
Once your computer’s been infected by GameOverZeus and/or Cryptolocker, it becomes part of a network of infected machines known as a botnet. The criminal gangs can communicate with and manipulate these computers, using them to carry out further malware attacks and distribute spam emails.
Who’s at risk from these viruses?
GameOverZeus and Cryptolocker are designed to target computers running:
- Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8
- Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012
The viruses and their effects can be spread throughout your company’s entire IT network through just one unsecure PC.
Protecting your business from attack
You can help keep your systems safe from GameOverZeus and Cryptolocker by following these steps:
- Install and use anti-virus and internet security software, anti-spam filters and firewalls to help minimise the risk of infection. Keep these up to date by installing the latest patches.
- Don’t store passwords on your computers as these could be accessed by malware such as GameOverZeus. If you think any of your computers may have been attacked, change your passwords immediately as these could have been compromised.
- Keep your Windows operating system and software applications up to date by installing the latest patches and updates. If you’re running an unsupported operating system such as Windows XP, it’s time to upgrade (see below).
- Back up all your important files online and offline on a regular basis, so you don’t lose them to ransomware such as Cryptolocker.
- Follow ‘best practice’ for email management, such as never clicking on links or attachments unless you’re 100% sure they’re authentic, and always immediately deleting any suspicious emails.
For more information about best practice for your email please see our article – Staying Safe from Spam and Phishing Emails.
Air-IT can help you protect your company IT systems
If you think your company’s IT security may not be up to standard, or you’d like advice on how to further protect your business, Air-IT is here to help.
Our expert technicians will be happy to assess your existing systems and make any necessary recommendations so that your business is fully secure and safe from potential attack.
We can also train you and your staff on best practices for IT, internet and email security to help reduce the risk of viruses, malware and other threats being inadvertently admitted to your network.
It doesn’t matter whether you’re new to Air-IT or are already an IT support client – our aim is to assist any business that needs our help to avoid being targeted by cybercrime.
Still running Windows XP or Server 2003? You need to act now
Computers running Windows XP and Server 2003 are at particular risk from threats such as GameOverZeus and Cryptolocker because Microsoft withdrew official support for XP in April 2014 and for Windows Server 2003 in July 2015.
This means that XP users and companies using Windows Server 2003 no longer receive the security updates and patches that keep their systems safe from attack.
So if your business is still using XP or Server 2003, it’s more important than ever that you upgrade to a supported operating system and server platform – such as Windows 7 / 8, Office 365 and Windows Server 2012 – to ensure that your business is protected.