Software firm warns over ‘password change fatigue’


Regular security threats have led to worries over ‘password change’ fatigue

Computer users have been warned that changing passwords regularly to ward off specific malware threats will become increasingly regular.

The warning followed Evginy Bogachev,a Russian,being charged in the US in relation to a malware infection know as Gameover Zeus and a worldwide warrant for his arrest being issued.

“It’s the new normal,” an FBI spokesperson said following the latest threat to sensitive computer information. Zeus will install malware on a computer after a user has clicked on a “phishing” email which then searches for sensitive information on the computer.

Once a file is identified it will will lock the users’ machine and blackmail the person to hand over cash in return for unlocking the computer. Anti- virus and security software provider Kapersky Lab says it is seeing more of these threats everyday.The FBI estimates that financial losses relating to Zeus could run into “hundreds of millions of dollars”.

“We analyse about 300,000 unique samples every day. In terms of volume you have, that’s a massive amount of malware. It’s fairly normal for us,” Kapersky senior security researcher David Emm told Mobile News.

He agreed there is now a worry that some users could be hit by “password change fatigue” with so many threats being reported in recent weeks and also said enterprise users need to take additional steps.

“It comes down to things that I recommend, which is don’t access confidential information on public WiFi that could be used by any person. You can manage mobile devices alongside the others,topolicy-managethem for anti-mailware protection, which will allow them to block or remotely wipe data.”

The scale of the problem was laid bare when the government- backed security site Get Safe Online crashed when news of the threat broke due to the increased traffic load. Chief executive Tony Neate claimed he hadn’t slept “for two days” as he was trying to overcome the problems. Despite adding extra capacity, the site was experiencing problems up to 48 hours.