Security 500 conference     

 Don’t miss the networking event of the year for security executives!
Register today for the Security 500 Conference.

Security Newswire

Hundreds of Thousands Might Lose Internet in July

April 25, 2012

 An FBI effort to clean up damage done by an international hacking scheme ends on July 9, and any infected computer remaining will no longer be able to access the Internet, according to a report from the Associated Press

Unknown to most victims, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world.

The virus probably infected more than 570,000 computers worldwide, including about 85,000 in the U.S., taking advantage of vulnerabilities in the Microsoft Windows operating system to install malicious software, turning off antivirus updates and changing the way computers reconcile website addresses on the Internet's domain name system. This allowed the attackers to redirect computers to fraudulent versions of any website. 

The hackers netted at least $14 million from their scam, the FBI reports, mostly from profits made from advertisements on websites that victims were tricked into visiting.  

After discovering the hacker ring and the rogue servers, the FBI set up a safety net using government computers to prevent Internet disruptions for those infected users — a highly unusual response for the agency.

"We started to realize that we might have a little bit of a problem on our hands because ... if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service," said Tom Grasso, an FBI supervisory special agent, in the AP article. "The average user would open up Internet Explorer and get 'page not found' and think the Internet is broken."

After arresting the six Estonian hackers last November, the FBI contracted Paul Vixie of Internet Systems Consortium to install two Internet servers to take the place of the truckload of impounded servers. Federal officers planned to keep the system open until March, giving everyone an opportunity to clean their servers. It wasn't enough time, so a federal judge in New York extended the deadline until July, when it is to be shut down, the report says.

The FBI is encouraging users to visit a website run by its security partner that will inform them whether they're infected and explain how to fix the problem. After July 9, infected users won't be able to connect to the Internet.

Most victims don't even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems, AP reports.

"This is the future of what we will be doing," said Eric Strom, a unit chief in the FBI's Cyber Division, in the AP article. "Until there is a change in legal system, both inside and outside the United States, to get up to speed with the cyber problem, we will have to go down these paths, trail-blazing if you will, on these types of investigations."

Now, he said, every time the agency gets near the end of a cyber case, "we get to the point where we say, how are we going to do this, how are we going to clean the system" without creating a bigger mess than before.

Installing and running the two replacement servers for eight months is costing the federal government about $87,000. The majority of the victims are assumed to be individual home users.

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.

Podcasts

Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

September 2014

2014 September

In the September issue of Security Magazine, find out who this year's most influential people are in the security industry are. Also, take a peek at the technology products that ASIS 2014 will be showcasing at the upcoming event. Read about the lessons learned from security at the World Cup, find out why tactical medical training is a must for your enterprise and how Atlanta increased security by sharing surveillance.
Table Of Contents Subscribe

Adopting New Technology

How long do you wait before adopting a new technology?
View Results Poll Archive

THE SECURITY STORE

comptiahighriseproductphoto
CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.  

STAY CONNECTED

Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+