Hackers using IE exploit against Australian businesses

Australian businesses in the resource and mining, financial services, and telecommunications sector are the latest targets of hackers exploiting Internet Explorer zero day.

The recently discovered Internet Explorer (IE) vulnerability is attracting more trouble, and this time it's reached Australia, according to security firm FireEye.

FireEye, the company that discovered the IE vulnerability in April, believes that the IE vulnerability is being exploited by hackers against organisations in Australia, both independently and as part of a campaign called Clandestine Fox , a spearphishing attack where emails containing links to malicious websites are sent out.

According to FireEye, the Australian industries that are being targeted include resource and mining, financial services, and telecommunications.

FireEye ANZ engineering manager, Rich Costanzo, said while reports have confirmed that it has affected companies internationally, this is the first confirmation of the vulnerability exploitation in Australia.

"This is clear proof that what we're seeing globally in terms of zero days and breaches is happening here in Australia," he said. "Not only that, it's happening in record time. In fact, less than 72 hours after the IE vulnerability became known we were detecting it here."

Costanzo said even though patches for IE zero day have been released, businesses are still vulnerable.

"The idea with a vulnerability like that is even though there is a patch released it potentially takes a while for that patch to take wide spread use and for everyone to have that installed, so a vulnerability does continue even though a patch is available," he said.

"This particular one also had multiple reiteration. The first was focused on IE versions 9 to 11, and a few days later we saw a second reiteration attack that was was focused on Windows XP and IE 8."

According to FireEye, collectively, as of 2013, vulnerable versions of IE accounted for 26.25 per cent of the browser market, prompting governments around the world to advise users to switch browsers until the bug was fixed.

Meanwhile, Costanzo advised that updating patch schedules is "absolutely critical" for Australian businesses to protect themselves.

"We're recommending upgrading from Windows XP. Microsoft put Windows XP out of support and so they are no longer providing patches, and what happens when a new threat or vulnerability occurs on a Windows platform — generally 92 percent of the time — that vulnerability is across platform," he said.