I’ve been quiet for a while, sorry. Mainstream media has been peddling more FUD than normal over the past few days so I feel obliged to weigh in with my opinion and some clarification.
Sky News chose the headline “‘Two Weeks’ To Prepare For Cyber Attack”. BBC News open with: “Alarming news from the UK’s National Crime Agency: you have ‘two weeks’ to protect yourself from a major cyber-threat.” Even the Metro are getting in on the act with the headline: “Two weeks to save your computer from major cyber attack”. No. The sky is not falling.
They all reference a recent announcement from the National Crime Agency (NCA) but it seems that none of the journalists have bothered to read the announcement for themselves. The Guardian provides the only balanced interpretation that I have seen so far. The FBI also provide a more in-depth review of activities.
The issue focuses on two nasty pieces of malware: Cryptolocker, which zips up your files and renders them inaccessible unless you pay a ransom, and GoZeus, which steals online banking credentials. A joint effort between global law enforcement and industry experts has broken most of the communication channels that the malware authors use to issue instructions or extract stolen details. This makes no difference to the distribution of the malware or its ability to operate. Your Cryptolocked files will remain hidden and GoZeus will still eavesdrop on your online banking.
The malware is typically distributed by sharing links to malicious websites or by emailing the malware under the guise of an invoice, a delivery note or some other innocuous document. The best protection is to be careful about what you click on and about opening attachments that you aren’t expecting or that look suspicious. Using a decent antivirus tool and keeping it up to date is always good advice. If your computer is infected then the UK Gov websites GetSafeOnline and CERT provide instructions and tools to help you regain control and clean your computer. In the case of Cryptolocker, make sure you keep a backup of anything important.
The recent interventions have not targeted the distribution or the cleanup of the malware, so the actions you are advised to take in this magical two-week window to “rid and safeguard” yourself are no different from what you should do any other day of the year. The two-week figure comes from speculation that the malware authors will take this long to work around the interruptions. Once this happens we’ll be back where we were two weeks earlier.
The malware won’t suddenly become more infectious or ferocious. Granted, the malware authors might seek to retaliate against the interruption and make their malware more damaging, but doing so is likely to lead to heavier protection and more severe prosecution, so it would be self-defeating.
So in summary… The world is not going to end in two weeks, most likely very little will change in two weeks. If you’re infected, clean yourself. Whether you’re infected or not, protect yourself. Carry on as you were and most important of all, Don’t Panic!