Australia's Small to Medium Businesses Targeted by Global Cyber-Criminals

Dec. 11, 2012 - PRLog -- (SYDNEY, Australia)  A major cyber-attack currently targeting Australian small and medium businesses is highlighting their growing vulnerability to internet crime, according to security vendor Trend Micro.

The attack is a “file infector” type of malware that is marked by its aggression and complexity, with Australia being one of the main global targets. Cybercriminals have set up a botnet –  made up of many infected computers and controlled by a remote server – in Australia and more than 3,000 firms have been targeted so far.

In addition, Australian SMBs are the first in the Asia Pacific region to experience a new ransomware attack.  Supposedly originating from the “Anti Cyber Crime Department of Federal Internet Security Agency” or ACCDFISA, the malware takes over a user’s Windows server and tries to extort money from them.

“The threat landscape is rapidly evolving and small to medium businesses are increasingly under fire. For cyber-criminals, they make an attractive target. SMBs often lack the IT resources and skills of larger enterprises, and can be a weak link in the supply chain that leads into larger enterprises,” said Sanjay Mehta, Managing Director, Trend Micro ANZ.

“SMBs are low-hanging fruit for cyber-criminals that offer an effective return on investment for minimal effort. We’re also seeing more sophisticated attacks – such as targeted attacks and Advanced Persistent Threats, or APT - enter the SMB space,” said Mr Mehta.

The risks to SMBs are significant: data loss, financial loss, interception of sensitive content, brand and reputation damage, legal implications, and the costs of spending time and money to clean infected systems.

The Australian Federal Police’s recent bust of an international criminal syndicate underlined the growing nature of the threats.  Targeting small businesses, the gang generated Australia’s largest data breach investigation and theft of credit card data, gaining access to 500,000 Australian credit cards, with around 30,000 cards used for fraudulent transactions amounting to more than $30 million.

Aggressive Malware  

The latest malware attack is an example of the growing challenge. Targeting multiple endpoints, today’s malware can morph into hundreds or thousands of variants and can propagate across multiple devices in just a few minutes.  

The current file infector malware striking at Australian SMBs is hard to detect.  Controlled by a command-and-control (C&C) server, it sits dormant until the criminal sends the commands to activate it. The C&C server can direct the infected computers to launch spam attacks or denial-of-service attacks, or download other malware.

The virus aggressively mutates or propagates via mapped drives or shared folders, potentially infecting the whole network.

“This latest virus represents a new breed of complex, harmful and very aggressive malware that has been tuned for an SMB network.  Mutating quickly, it takes only one infected computer to spread like wildfire on a network,” said Adam Biviano, Senior Manager, Strategic Products, Trend Micro ANZ.  

“If a small business suspects an infection within their network, it must be dealt with as quickly as possible.  They need to reduce the potential for losses and spreading it to other companies,” said Mr Biviano.  

Trend Micro has created a tool named Trend Micro Rescue Disk to clean systems infected with this particular variant of the file infector malware.

TOP SECURITY TIPS FOR SMBs

Every business is a prime target for cybercrime. SMBs should follow these tips and best practices:

-          Stay vigilant. Ensure that you and every one of your employees—technical or not—stay abreast of the latest in cybercrime. Be educated about the newest fraud schemes and apply best practices, such as not responding to unsolicited email messages or opening attachments and clicking suspicious links embedded in them.

-          Enforce internal security policies. It’s also wise to enhance your network security and banking protocols.

-          Plan ahead. Always be on the lookout for suspicious online activities and prepare contingency plans for any instance of actual compromise.

-          Secure your devices. Make sure your devices or endpoints are secure.

- End -

About Trend Micro
Trend Micro Incorporated (TYO- 4704; TSE- 4704), a global cloud security (http://cloudsecurity.trendmicro.com/) leader, creates a world safe for exchanging digital information with its Internet content security (http://www.trendmicro.com/us/index.html) and threat management solutions for businesses and consumers.  A pioneer in server security (http://www.trendmicro.com/us/enterprise/challenges/cloud-...) with over 20 years' experience, Trend Micro delivers top-ranked client, server and cloud-based security that fits customers' and partners' needs, stops new threats faster, and protects data in physical (http://www.trendmicro.com/us/enterprise/challenges/cloud-virtualization/physical/index.html), virtualized (http://www.trendmicro.com/us/enterprise/challenges/cloud-virtualization/virtual/index.html) and cloud (http://www.trendmicro.com/us/enterprise/challenges/cloud-virtualization/cloud/index.html) environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud computing security infrastructure, Trend Micro’s products and services stop threats where they emerge – from the Internet, and are supported by 1,000+ threat intelligence experts around the globe.  

Additional information about Trend Micro Incorporated and its products and services are available at Trend Micro.com (http://www.trendmicro.com/us/index.html). This Trend Micro news release and other announcements are available at http://NewsRoom.TrendMicro.com and as part of an RSS feed at www.trendmicro.com/rss.   Or follow our news on Twitter at @TrendMicro (https://twitter.com/#%21/trendmicro).