
UK critical infrastructure under massive attack

I am sorry, I had to quote the entire headline from this article. I know it got *my* attention!

One of the hardest things about being in security is saying "I told you so" without sounding smug. This type of attack underway in the UK has been predicted for years: targeted, socially engineered, modified viruses used to attack government and industry.

When you think about it, this method of attack is obvious. Select a target, modify a virus/Trojan to avoid detection, and send it directly to insiders with spoofed return email addresses from other insiders. You will recognize that this is how the Trojans were distributed in Israel (see below). From the article:

The attacks use a variety of custom designed and ready-made Trojans, which have been modified in an attempt to evade anti-virus software. The attackers have used a wide variety of constantly changing Trojans to evade detection.

Infected emails are normally targeted at individuals who work with commercially or economically sensitive data.

The e-mails are spoofed to make them appear to have come from trusted contacts, news agencies, or government departments. They contain subject lines designed to trick the recipient into opening a Trojanised file.

Once opened, an infected attachment can give attackers control over the machine. The Trojans can be used to collect user names and passwords, scan drives for documents, send data back to remote computers and to launch attacks against other computers.