Midnight Deadline Approaches for GOZeus and CryptoLocker Victims


The UK’s National Crime Agency has claimed that PC users have until midnight local time on Tuesday to clean their machines and improve defences against notorious malware GameoverZeus and CryptoLocker.

In a little-reported press release issued on Friday, the agency said that although infections had reduced over the past fortnight, “thousands” remain affected or at risk.
“Enhancing security after the two-week period has elapsed will still be effective against cybercrime threats, but may not give the enhanced protection available while the GoZeuS and CryptoLocker system is at its weakest,” it said.
The NCA joined forces with the FBI, Europol and other agencies two weeks ago to disrupt the infrastructure behind the infamous malware.
However, rather strangely, the FBI’s public notice on the take-down includes no mention of a two-week window.
Security analyst Graham Cluley was similarly bemused by the two crime agencies’ differing approaches.
“Is it that the authorities can only disrupt the botnet’s infrastructure for so long before it grabs back control over the infected PCs, or have the courts only allowed the computer crime cops a limited time to re-direct victims’ PCs away from criminal servers and in the direction of servers controlled by the good guys instead?” he pondered in a blog post.
“My hunch is the latter, but it doesn’t really explain the different approaches taken by the FBI and the British National Crime Agency.”
Amichai Shulman, CTO of Imperva, described the two-week grace period as “absurd”.
“I don’t expect cybercrime to become extinct – much like regular crime is here to stay – but I do expect it to be reduced to an acceptable level. This is the responsibility of law enforcement,” he added.
“I do expect people to reasonably look after their digital assets. However, you can’t expect anyone with an online bank account to be a cybersecurity expert – that’s the responsibility of the banking application provider.”
David Harley, senior research fellow at ESET, was similarly pessimistic.
“The advice that’s been circulated is, as far as I can see, highly generic: use security software and keep it updated, make sure your systems are being patched, use good password management practice,” he argued.
“Good advice in principle, but I suspect that in general, people who aren’t doing all that already are probably not going to start doing it because CERTs or the FBI are recommending it.”
