June 05, 2014
Businesses are being urged to take steps to protect themselves from a dangerous malware threat, which could see their data be held to ransom.
According to the National Crime Agency (NCA), 15,500 computers in the UK are currently infected. The malware, called Gameover Zeus, attacks computers in a bid to harvest money directly from bank accounts or by locking users out of files and demanding a ransom.
The FBI has taken control of the network in order to protect individuals and businesses giving them time to update their operating systems and scan for viruses. However, this shield will only last for two weeks.
The malware has already hit UK small businesses. Jonathan Kemp, who runs varnish producer AEV Ltd in Birkenhead, lost £100,000 "in three minutes" after one of his employees unwittingly opened an email infected with the Zeus virus. The email claimed to be from HMRC.
Peter Birkett, from IT services company Adept4, said companies should protect themselves by updating their operating systems to the latest version and installing anti-virus software.
He said: "It's vital that SMEs act now to protect the integrity of their systems. There are a number of measures which businesses can take to protect their software, these include the standard anti-virus, anti-malware and encryption services which make it harder for security breaches to take place."
A new government scheme has gone live this week providing a cyber security assurance certification that businesses can adopt to protect themselves and their customers from cyber threats. The Cyber Essentials scheme has the backing of insurers.
David Willetts , universities and science minister, said: "The recent GOZeuS and CryptoLocker attacks, as well as the eBay hack, show how far cyber criminals will go to steal people's financial details, and we absolutely cannot afford to be complacent."
He said: "We already spend more online than any other major country in the world, and this is in no small part because Britain is already a world leader in cyber security."
From 1 October 2014, the government will require all suppliers bidding for certain personal and sensitive information handling contracts to be Cyber Essentials certified. The scheme is being delivered as part of the government's £860 million National Cyber Security Programme.