Experts Recommend Avoiding Internet Explorer
The credit union industry is reacting to the ongoing attack on Microsoft’s widely used Internet Explorer software by recommending people avoid using the browser.
Security experts reported the flaw in a number of versions of Explorer last week, including the latest, and the software giant responded by issuing patches, including an update for the XP system it had just stopped supporting.
Worldwide media reports already indicate the hackers are using the vulnerability to break into computer systems across all industry verticals, as well as those of individual users.
Dell SecureWorks is following the so-called IE Zero Day attack and has issued recommendations from Jon Ramsey, CTO at the Atlanta-based provider of Internet security services to hundreds of credit union and other clients. The company said its research shows the hackers responsible are a group it calls the Pirpi Malware Family.
“This is a skilled and proficient group that has targeted a diverse range of industries including technology providers, financial services organizations, and members of the defense industrial base since at least 2006,” Ramsey said. He said they historically have relied heavily on spear phishing attacks that contain a link to a website that hosts exploit code.
Ramsey and others are recommending that Internet Explorer users – individuals and companies – apply the patch for the IE vulnerability just released by Microsoft as soon as possible. For those unable to do that, Ramsey recommends these steps first.
- Disable the Adobe Flash plugin. There is no associated vulnerability in Flash, but it is used to create the proper memory environment for successful exploitation and its absence will prevent infection in this specific case.
- Enable Enhanced Protected Mode (EPM). Introduced in Internet Explorer 10, EPM provides features that can prevent this exploit from working.
- Deploy the Enhanced Mitigation Experience Toolkit (EMET). The observed exploit contains techniques intended to bypass common mitigation strategies such as DEP and ASLR. EMET implements extended exploit mitigation.
Some in the credit union industry said they are trying to follow the advice.
“For our operations in both Washington and Madison, we recommended that folks stop using Explorer (our default browser here) and employ alternatives (which many already had available to them – such as Google Chrome or Mozilla Firefox) for the short term,” CUNA spokesman Pat Keefe said in an email.
“Based on what we’ve heard from credit unions, many of them took the same or similar actions. Microsoft apparently released a fix to this yesterday; CUNA IT experts recommend everyone using IE should download this new patch and validate that it applies correctly to truly resolve this issue,” Keefe said.
CUNA Mutual Group also issued alerts to its policyholders that included similar warnings. “Credit unions should ensure the security update for Internet Explorer is downloaded and installed as soon as possible. Members should also be notified of the security update,” said the statement from CUNA Mutual Group Risk Management provided by spokesman Phil Tschudy.