The Zeus trojan has undergone another version change and is now targeting small to medium businesses (SMB or SME), according to this article by Information Week.
Zeus is a malicious software application (termed malware) that is designed to steal online credentials and other personally identifiable information (PII); it is geared to stealing banking credentials and information from users.
Zeus is a trojan, so it is disguised as something ‘safe’, and is usually spread by links via email, comments on websites, and through social media, especially Facebook.
SMBs are particularly attractive because they have more money than the average individual and often have lax security mechanisms in place to mitigate against malicious attacks. According to Symantec in its Internet Security Threat Report 2013, the largest growth area for targeted attacks in 2012 was with small businesses. As it says, “money stolen from a small business is as easy to spend as money stolen from a large business.”
Symantec had found in an earlier survey that many small businesses are not concerned about IT security and usually believe that the data that they have holds little value to attackers. I have also had to educate some of my clients about the risks involved if their data, or even their servers, were stolen.
The Federation of Small Businesses in the UK reported that small businesses lose £785 million to cybercrime per year. The sad thing is that many a small business would go bankrupt if an attack was successful at draining their bank accounts.
It is not only small businesses that should be on the alert; many small financial institutions, such as credit unions, should also be aware of these threats and risks. Many of these institutions lack the resources and infrastructure of their larger counterparts and may be ill prepared for such attacks.
So what are some of the ways that small businesses can protect themselves?
- Have up-to-date anti-virus, anti-spyware and anti-malware software installed and running.
- Keep your PCs updated to all the latest software and security patches.
- Use strong passwords on banking websites. If your bank offers a hardware security token, consider getting that service.
- Train employees to recognise and avoid suspicious emails or links. Also keep an open environment that allows employees to report if they accidentally click on a link; time is of the essence for these attacks.
- If you have any suspicions about an email or message (such as snail mail) received that purports to be from your bankers, call them using the number from the phone book to verify the information. Do not use any numbers, email addresses or internet addresses from the message to contact them.
- Use a computer account without administrative rights.
- Always type in the internet address of the bank into your browser. Do not click any links within emails to access the online bank.
- Limit access to computers that will be used to access online bank applications. Also limit the applications or sites that those computers will be allowed to access to limit exposure to malicious content.
- If you can’t dedicate a computer to access online banking, then consider using a Live CD of an operating system to just access the online banking system.
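The advice above to never follow links in emails to reach the online bank, and to train staff to spot suspicious messages, rests on one observation: the text a link displays and the address it actually opens are two different things. The script below is an added example (it is not from the original post, Information Week, or Symantec) showing how a mail gateway or a staff-training tool could flag that mismatch. It parses the links in an HTML email body and reports ones whose target is a raw IP address, whose target domain is not the bank's, or whose visible text names a different site than the link really opens. The email body and the bank domain `examplebank.com` are constructed placeholders; the "last two labels" domain check is a deliberate simplification that real code should replace with a public-suffix list.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a phishing-style HTML email body. The first link shows the
# bank's URL as text but opens a raw IP address; the second shows the bank's name
# but opens a look-alike domain; the third is a genuine link to the bank.
SAMPLE_EMAIL_HTML = """
<p>Dear customer, please verify your account at
<a href="http://198.51.100.23/login">https://www.examplebank.com/login</a>
or <a href="https://examplebank.com.verify-account.example/">examplebank.com</a>.
Our help page: <a href="https://www.examplebank.com/help">www.examplebank.com/help</a></p>
"""

# Assumed placeholder: the domain the business actually banks with.
EXPECTED_BANK_DOMAIN = "examplebank.com"


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._current_href = None
        self._current_text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current_href = dict(attrs).get("href") or ""
            self._current_text = []

    def handle_data(self, data):
        if self._current_href is not None:
            self._current_text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._current_href is not None:
            self.links.append((self._current_href, "".join(self._current_text).strip()))
            self._current_href = None


def host_of(url):
    """Hostname part of a URL; bare hostnames such as 'examplebank.com' are accepted too."""
    if "://" not in url:
        url = "http://" + url
    return urlparse(url).hostname or ""


def registrable_domain(host):
    """Last two labels of a hostname (simplification; use a public-suffix list in production)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def is_ip_literal(host):
    """True for a dotted-quad IPv4 literal, a common sign of a throwaway phishing host."""
    return re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host) is not None


def check_link(href, text, expected_domain):
    """Return the list of reasons a link looks suspicious; an empty list means none found."""
    reasons = []
    href_host = host_of(href)
    if is_ip_literal(href_host):
        reasons.append("raw IP address in link target")
    if registrable_domain(href_host) != expected_domain:
        reasons.append(f"target domain {registrable_domain(href_host)!r} is not {expected_domain!r}")
    # Only compare display text with the target when the text itself looks like an address.
    looks_like_url = re.match(r"^(https?://)?[\w.-]+\.[a-z]{2,}", text.lower()) is not None
    text_host = host_of(text) if looks_like_url else ""
    if text_host and registrable_domain(text_host) != registrable_domain(href_host):
        reasons.append("displayed link text does not match link target")
    return reasons


def scan_email(html, expected_domain=EXPECTED_BANK_DOMAIN):
    """Return (href, text, reasons) for every link in the HTML body."""
    parser = LinkExtractor()
    parser.feed(html)
    return [(href, text, check_link(href, text, expected_domain)) for href, text in parser.links]


def suspicious_links(html, expected_domain=EXPECTED_BANK_DOMAIN):
    """Only the links that had at least one finding."""
    return [(href, reasons) for href, _, reasons in scan_email(html, expected_domain) if reasons]


if __name__ == "__main__":
    for href, reasons in suspicious_links(SAMPLE_EMAIL_HTML):
        print(href)
        for reason in reasons:
            print("  -", reason)
```

Run against the sample body, the first two links are reported and the genuine help-page link is not. The same check is easy to turn around for staff training: show the visible text, ask where the link goes, then reveal the real target.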
For small financial institutions:
- Make the required investments to secure your data and network.
- Perform regular security assessments to identify and address risks.
- Train your employees to become more aware of security risks and what they must do to reduce those risks.
- Educate your customers as to what they can do to protect themselves.
Online banking is a huge timesaver for many a small business and with the right checks and balances can continue to be a safe way to manage your business’ finances.
Do you have any other tips that I should have mentioned? Feel free to add them to the comments below.