This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.theguardian.com/technology/2015/oct/13/nca-in-safety-warning-after-millions-stolen-from-uk-bank-accounts

The article has changed 6 times. There is an RSS feed of changes available.

Version 1 Version 2
Cyber attack warning after millions stolen from UK bank accounts Cyber attack warning after millions stolen from UK bank accounts
(about 1 hour later)
Britain’s top crime agency has warned internet users to protect themselves against cyber attacks that have seen fraudsters steal millions of pounds from UK bank accounts. Law enforcement officials are hunting cyber attackers who have pulled off a series of internet “heists” on British bank accounts worth at least £20m.
The National Crime Agency (NCA) said a virus is being used by hackers to harvest online banking details and gain access to accounts across the country. British government ministers have been informed and the law enforcement effort involves the United Kingdom’s top secret electronic security centre at GCHQ, as well as the UK’s national Computer Emergency Response Team (CERT), which was set up in 2014.
Dridex malware has been developed by technically skilled cyber criminals, with UK losses estimated to run to £20m. In the US the FBI is involved, while in Europe the police agency Europol is also helping to investigate, as well as law enforcement in Germany and Moldova where it is believed the attackers may have links to.
At least one “significant arrest” has already been made, with thousands of UK computers thought to have been affected. The virus or malware, known as Dridex, may be responsible for worldwide losses of $100m so far.
Mike Hulett, head of operations at the NCA’s cyber crime unit, said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to made.” The cyber criminals have used malware to gain access to people’s personal computers. The virus memorises the login and password details used to access internet banking services, then passes it back to the attackers who then use the information to steal from bank accounts.
Computers become infected with the virus when users receive and open documents in seemingly legitimate emails, the NCA said. In the UK the National Crime Agency fears it could be one of the worst cyber attacks they have seen. Public estimates of the losses are described as “conservative”, a NCA spokesperson said.
Those with internet bank accounts have been encouraged to visit the CyberStreetWise and GetSafeOnline websites, where a number of anti-virus tools are available to download to help clean up infected machines as well as guidance on how users can protect themselves in the future. The NCA added: “Computers become infected with Dridex malware when users receive and open documents in seemingly legitimate emails. The NCA assesses there could be thousands of infected computers in the UK, the majority being Windows users.”
The NCA is working to stop the affected computers from communicating with the cyber criminals controlling them. This activity is in conjunction with a US operation, currently being undertaken by the FBI. The virus so far is not believed to have infected smartphones. People are being told they can best protect themselves by boosting their computer security.
The FBI’s executive assistant director, Robert Anderson, said: “Those who commit cyber crime are very often highly-skilled and can be operating from different countries and continents. They can and will deploy new malware and we, along with our partners, are alive to this threat and are constantly devising new approaches to tackle cyber crime. Mike Hulett, NCA spokesman, said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to made.”
“We urge all internet users to take action and update your operating system. Ensure you have up-to-date security software and think twice before clicking on links or attachments in unsolicited emails”. At least one arrest has been made, last month, and on Tuesday night the US department of justice gave details of the arrest. It said: “Andrey Ghinkul, aka Andrei Ghincul and Smilex, 30, of Moldova, was charged in a nine-count indictment unsealed today in the western district of Pennsylvania with criminal conspiracy, unauthorised computer access with intent to defraud, damaging a computer, wire fraud and bank fraud. Ghinkul was arrested on 28 August, 2015 in Cyprus. The US is seeking his extradition.”
“Cyber criminals often reach across international borders, but this operation demonstrates our determination to shut them down no matter where they are. Attacks from the virus had stopped but are now feared by law enforcement to have restarted.
“The criminal charges announced today would not have been possible without the cooperation of our partners in international law enforcement and private sector. We continue to strengthen those relationships and find innovative ways to counter cyber criminals.” The NCA said that Dridex, known also as Bugat and Cridex, was created by “technically skilled cyber criminals in eastern Europe to harvest online banking details, which are then exploited to steal money from individuals and businesses around the world. Global financial institutions and a variety of different payment systems have been particularly targeted.”
FBI executive assistant director Robert Anderson: “Those who commit cyber crime are very often highly skilled and can be operating from different countries and continents. They can and will deploy new malware and we, along with our partners, are alive to this threat and are constantly devising new approaches to tackle cyber crime.
“We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails.”
Law enforcement cyber experts are trying to stop the malware sending money to accounts controlled by the criminals.
The NCA said: “Users are urged to visit the CyberStreetWise and GetSafeOnline websites where a number of anti-virus tools are available to download to help clean up infected machines and get advice and guidance on how to protect themselves in the future.”