There's a RAT in my network: Sophos reminds users to patch vulnerabilities

November 13, 2002 Sophos Press Release

Sophos, a world leader in corporate anti-virus protection, is reminding users to be vigilant against the threat of Remote Access Trojans (RATs) following the news that unemployed Londoner, Gary McKinnon, has been accused of hacking into a number of US Government networks and implanting a RAT which enabled him to scan 65,000 computers.

So far in 2002, Sophos has seen a 80 percent rise in the number of Trojan horses (including RATs) which are used both by hackers and virus writers to gain remote control of other people's machines. Media reports suggest that this particular hacker infiltrated US Government networks by exploiting vulnerabilities for which patches had been available for 'years'.

"Hackers and virus writers implant RATs into networks by exploiting vulnerabilities in existing software. It is therefore imperative that you patch your machines and network against these vulnerabilities. If you don't, you'll soon find your system hacked and your confidential data on show to all and sundry, " said Graham Cluley, senior technology consultant, Sophos Anti-Virus. "The US government has admitted it has a problem in this case, and of course, it is a prime target for hackers. However, our research shows small private companies are just as likely targets - always-on technologies, like broadband, offer an even greater window of opportunity to cybercriminals looking to make mischief."

Anti-virus software from Sophos and many other anti-virus vendors detects against known RATs and backdoor Trojan horses, so Sophos also reminds users to keep their anti-virus software regularly updated.