300 UK government departments and businesses are being targeted by specifically engineered viral attacks.
A report from the National Infrastructure Security Co-ordination Centre (NISCC) suggests the bodies, critical to the country’s infrastructure, have been the subject of attacks mainly originating from the Far East.
“The provenance goes back a number of months,” said Roger Cumming, director at NISCC. “Over the last few months we’ve seen consistent attacks against the UK critical national infrastructure. What characterises it is the scale rather than anything else.”
According to NISCC the attacks take the form of trojan viruses intended to steal information specific to the UK national infrastructure, including information about trade and commerce.
Cumming said NISCC is working with foreign Computer Emergency Response Team (CERT) agencies to shut down the virus writing operations. Although Cumming insisted NISCC is responsible for preserving the safety of UK national infrastructure but keeps a relatively low profile, its public warning has been welcomed by some industry experts.
“Finally the NISCC has awoken to the serious issue of cyber crime and is actively tackling the problem. Businesses that have been lagging behind in getting the right security protection in place need to sit up and listen to the NISCC’s warning against this new onslaught of cyber attacks,” said Bob Jones, MD of internet security company Equiinet. “Whilst anti-virus software and firewalls are critical components of any security infrastructure, the NISCC is right in its statement that companies need to go beyond these traditional defences.”
Cumming said there were a number of measures businesses could take to protect themselves against the viral attacks.”Companies need to understand the risks they’re taking,” said Cumming. “But above all, patch, patch, patch, patch, patch, patch, patch.”