Michael McCarthy: Just one click... and the worm can eat your machine

It may have been the world's biggest cyber-conspiracy, but it didn't need to involve genius (of the evil sort). Just plausibility.

Here's an email from your bank, for example, asking you to verify your password. Seems routine enough. Seems authentic. And you're busy. So yeah, do that. Click.

But click and you may be lost. For the basis of penetration of the vast computer networks of campaign groups, businesses, armed forces, even national governments, is often simply "social engineering" – sending out emails purporting to be from someone else. And once the recipient clicks on the attachment, hostile software – malware, in the jargon – inserts itself into their system.

We've grown more sophisticated and more aware of internet fraud. There can be few people who are now excited to receive an email offering 10 per cent of the sum of TWENTY FIVE MILLION DOLLARS! for use of a personal bank account to transfer the cash out of a dodgy place. These days, we look at that and laugh.

But cyber-pirates are growing more sophisticated themselves, and the killer email which worms its way into a system to do untold damage these days may look very authentic. In a report published yesterday, on electronic infiltration of the Free Tibet movement – part of the major Chinese-based cyber-conspiracy – computer experts Ross Anderson from the University of Cambridge and Shishir Nagaraja from the University of Illinois show that sometimes hostile hackers can get hold of a genuine email and add a hostile programme. The result is a hostile infiltration. In their report, "The Snooping Dragon: social-malware surveillance of the Tibetan movement", they write: "This combination of well-written malware with well-designed email lures which we call social malware, is devastatingly effective. Few organisations outside the defence and intelligence sector could withstand such an attack." Governments can mount such an assault, they say, but so could "a capable motivated individual".

Anderson and Nagaraja point out that once hostile hackers have made an initial breach – once a single careless employee clicks on the wrong attachment – they can get inside the system and use the knowledge they gain to disguise future attacks. "Prevention will be hard."

The lesson is twofold. One: always treat emails from people or organisations you don't know as suspicious, particularly if they have attachments. And two: fooling you is easier than you think.
