Trojan horses pose silent threat to computer systems
- By Patience Wait
- Jun 27, 2005
Government agencies in the United States and the United Kingdom are being targeted by malicious e-mail messages containing Trojan horse software'stealth programs that direct infected computers to transmit information elsewhere'according to a key British agency tasked with thwarting the disguised programs.
The National Infrastructure Security Co-ordination Centre (NISCC), the U.K. equivalent of the U.S. Computer Emergency Readiness Team (US-CERT), issued a briefing this month warning of attacks on British government and corporate systems.
'These electronic attacks have been under way for a significant period of time, with a recent increase in sophistication,' the NISCC briefing stated. 'The attackers' aim appears to be covert gathering and transmitting of commercially or economically valuable information.'
The e-mails contain subject lines that often refer to attached articles that would be of interest to the specific recipients but, in fact, are spoofed. The attachments themselves often are publicly available on the Web or have been sent to distribution lists.
'The attackers are able to receive, [trojanize] and resend a document within 120 minutes of its release, indicating a high level of sophistication,' the NISCC reported. In addition, a number of the Trojan horses have been altered to avoid antivirus detection programs.
According to a report
published by SecurityFocus.com, a Web site dedicated to cybersecurity issues, similar attacks have been detected during the past year targeting agencies in other countries, including the United States.
Officials with the Homeland Security Department declined to comment on the NISCC briefing and, instead, referred GCN to CERT'not the federal entity, but the federally funded R&D coordination center at Carnegie Mellon University. A spokeswoman there said no one was available to answer questions; the two officials qualified to comment on the issue are both out of the country for the week, she said.
Alan Paller, director of research for the SANS Institute in Bethesda, Md., said the government's silence on the issue is not surprising under the circumstances. 'This administration doesn't want to admit the problem [of cyberthreats] is much worse than they thought it was,' Paller said.
In addition to the U.K.'s NISCC, comparable agencies in Canada and Australia also have issued warnings about Trojan horse programs to government offices and companies that are part of those nations' critical infrastructure.