June 16, 2005 8:38 AM PDT
Asian Trojans attacking U.K., agency warns
According to the National Infrastructure Security Co-ordination Centre, hackers in East Asia have developed Trojan horse programs that attempt to steal information from certain parts of the critical national infrastructure, which includes not only government agencies but businesses in the finance, transportation and telecommunications sectors.
A report from the NISCC said: "Parts of the U.K.'s critical national infrastructure are being targeted by an ongoing series of e-mail-borne electronic attacks. While the majority of the observed attacks have been against central government, other U.K. organizations, companies and individuals are also at risk."
The Trojans can infect computers through e-mails and Web sites. The e-mails are usually spoofed and appear to be from news or government agencies.
Companies running Microsoft software are most vulnerable to the attacks, the NISCC said. It added that the Trojans differ from previous attacks but didn't give any further information.
Roger Cumming, director of the NISCC, said the attacks have been happening for some months.
"We cannot say hand on heart and identify who is doing this," he said. "In order to name countries and shame them, we'd need evidence that stands up in court. This is different from the stuff you've been seeing--it's industrial strength. We reached a point where if we were to assist U.K. (businesses), we needed to make (them) aware of this."
"We've worked hard to get this information into the public domain as quickly as possible," he added. "The majority of attacks exploit known vulnerabilities. If there was a word to use here, it would be 'patch.'"
Dan Ilett of Silicon reported from London.