SYS-CON UK Authors: Salvatore Genovese, Jeremy Geelan, Jamie Matusow

Related Topics: SYS-CON UK, Containers Expo Blog

SYS-CON UK: Article

UK Targeted for Trojan Attacks

British Government Agency Issues Warning About Attacks from Asia

The UK's National Infrastructure Security Co-Ordination Centre (NISCC) has issued a warning about a series of trojan attacks that go after British government agencies and companies, and which seem to emanating from "the Far East."

The attackers' goal appears to be "covert gathering and
transmitting of commercially or economically valuable information," the NISCC says. The e-mails include spoofed sender addresses "and information relevant to the recipient’s job or interests to entice them into opening the documents, the agency says.

Anti-virus software and firewall will not completely protect users from these attacks, as these trojans can use common ports such as HTTP, DNS, and SSL, and can also be modified to avoid anti-virus detection.

"An infected computer is under the control of the attacker and can be directed to carry out any function normally only available to the system owner, and trojans often communicate back to the attackers using standard application ports (for example TCP port 80, used for web traffic), making it very difficult to detect the data they send and receive amongst legitimate network traffic," the agnecy has warned.

The agency is working with other agencies worldwide to find and "neutralize" IP addresses that are known sources for the attacks. Meanwhile, it urges users to be vigilant in their detection and to follow a "current advice document" that it has posted, to be found at:



More Stories By Security News Desk

SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.