Today’s reports of an “Unprecedented Cyber-espionage Campaign” thought to have to have originated in China is a reminder of how insecure most of our computer networks are.
Computer security company McAfee has a report on Operation Shady Rat that goes into the details of how the attacks worked and their victims, it makes interesting reading and emphasises how widespread industrial espionage is.
In many ways, this is a sophisticated version of the News Of The World “hacks” where journalists and their private detectives took advantage of users’ slack security measures to access phone message banks.
To carry out these “Shady Rat” hacks which – unlike the News Of The World’s actions – deserve the title of “hacking”, the perpetrators sent emails with attachments that took advantage of known security flaws to get inside the victims’ networks where they could access confidential documents.
What is truly amazing is how many of these large organisations, presumably with good sized IT budgets, were running systems that hadn’t been updated to the latest security patches.
This is a problem that goes back to the late 1990s and is something that every computer user, whether a home, small business or large organisation needs to keep up to date with.
Ignoring security releases is just plain dumb, although some organisations defer installing them because of the risk some of these updates may break critical business applications, a dangerous situation which usually indicates underinvestment in IT systems.
An interesting aspect with Operation Shady Rat is how email was used to deliver the spyware, increasingly social media platforms are becoming the way for scammers and crooks to attack systems.
Most Facebook and Twitter users would have received messages along the lines of “hey, you’ve lost weight in this picture” (sadly I haven’t) or “you should read this”. The links in those messages are almost always malware designed to take control of the user’s computer or social media account.
Many people, particularly small business owners and home computer users, say “hey I don’t have anything confidential on my system to worry about”.
Even in the unlikely event your system has nothing of value to a crook, this misses the point that the bad guys can use a compromised account or computer to launch attacks on more lucrative targets. Most infected emails and social media messages come from other victims’ services, making it harder for authorities to find the source of attacks.
Simple security precautions are to use the latest web browsers, which is essential if you’re using cloud computing services, and accepting all trusted security updates for your system.
You also need to be using your judgement as some of the more clever scammers are posing as being updates from trusted companies like Microsoft, Apple and Adobe so if you think something is suspicious, ask or check it out online.
Strong passwords are important along with restricting access to sensitive documents, the latter probably being the most surprising weakness of all in the Shady Rat data thefts.
In an era where our IT systems are essential to work and business, we have to start taking computer security as seriously as we do physical and personal safety. Locking the obvious entry points and strengthening weak areas are obvious and comparatively easy first steps.