Accessibility options

Users must improve internet safety

Technology news

Users must improve internet safety
Experts say the public needs to improve internet safety settings

Published: 3:33pm, 3rd June 2014
Updated: 12:04am, 5th June 2014

Cyber security experts have been having their say on the 'two-week attack' that the National Crime Agency has spoken of, and the need for users to improve their online safety settings.

The news follows the FBI's successful disruption of a major cyber criminal network in the US, which intended to use two viruses to infect computers and steal data.

The viruses, known as Gameover Zeus and CryptoLocker, have been temporarily disrupted, and authorities want the two-week period it will take them to recover to improve anti-virus protection on the world's computers.

Industry experts have been quick to back up the stern message from the NCA, whose advice to visit internet awareness group Get Safe Online's website led to the site going down for 15 hours.

Hugh Boyes, head of the Institution of Engineering and Technology's (IET) cyber security team, said: "This is a very serious threat compounded by the fact that too many people have limited security protection on their computers.

"Unencrypted passwords should never be stored on computers in case they are accessed by Gameover Zeus or another aggressive malware programme. If there is a need to store passwords, then use a good password manager application, which backs up and shares with your smartphone or tablet computer.

"One piece of valuable advice that is rarely given is that people should have two separate accounts on their PC - one standard account for normal day-to-day use and one administrator account which should only be used when changes need to be made to the machine, such as installing software or adding printers.

"The administrator account should not be used for web browsing or accessing emails. This action can prevent approximately 90% of current exploits and attacks."

Gavin Davey, director of IT assurance services at international accountancy firm Moore Stephens, said that while this was a serious issue, some coverage of the threat was being over-hyped.

"The NCA warning suggests that there's some sort of impending cyber-bomb that will be going off in two weeks. In reality, whilst it is welcome news that a major botnet has been dismantled, there is a prevailing view that this might just be a drop in the ocean," he said.

"One of the greatest risks and challenges is still user security awareness and training. By far the most common issue being identified by security exercises is poor end-user behaviour, compromising strong technical system cyber controls. It's like buying a really big padlock for a really big door and leaving the door open when you leave for work."

The Get Safe Online website is now back up and running, with the site offering numerous links to to free anti-virus software as well as tips on how to better protect your sensitive data online. Liz Fitzsimons, legal director at law firm Eversheds, said that it was crucial that businesses improved their own settings to help protect their customer's data.

"Protection against the impact of GameOver Zeus and CryptoLocker should be considered imperative by all bodies handling personal information and commercially valuable data," she said.

"These companies must ensure they have assessed the risk and taken the opportunity to counter it effectively, including in respect of the use of home email accounts and bring your own device for work purposes. Failure to address any infection or weaknesses is likely to lead to harsher enforcement sanctions in the event of any future data security or other breach."

Mark Sparshott, a director at US-based cyber security experts ProofPoint, acknowledged that this latest event could just be one of many incidents to come. An FBI spokesman referred to the news as "the new normal".

"This is a great effort shutting down one of the major botnets. Unfortunately, it's just one - there are many others operating and as we saw last year, attacks were operating at the same levels only weeks later.

"Taking down botnets is like punching water. Now is not the time to rest on our laurels; rather, this takedown shows how widespread the problem was, is, and will be again, and thus now is the time to invest in additional protection. The price of security is eternal vigilance."

Advertisement starts


Advertisement ends

Travel offers

Add Add
5* Mauritius holiday
The Lygon Arms
Greek island activity holiday
Copthorne Tara Hotel London Kensington
Inn on the Lake
Incredible Iceland break with a Northern Lights tour
The Old Swan
Austrian Alps ski break
DoubleTree by Hilton Hotel London - Hyde Park
Soar Mill Cove

Secret EscapesJoin now for Free

Save up to 70% on luxury hotels and holidays

Halifax credit card

Halifax Credit Card

0% for up to 20 months on purchases

Start your solar journey today

Start your solar journey today

Earn up to £14,000 and help the environment with solar panels in 2014

Skip NHS queues

Skip NHS queues

Protect you and your family with Private Health Insurance. Find the right policy for you.

Deal or No Deal Instant Win

Deal or No Deal Instant Win

It’s just like stepping into the studio of your favourite TV game show. Try demo and see!

Advertisement starts


Advertisement ends