Cyber attacks growing more targeted
By Rene Millman
Posted on 5 Dec 2006 at 14:39
Anti-virus expert warns that hackers are turning to precise methods to steal company data
There has been an increased amount of malware targeting specific companies, according to an anti-virus expert.
Mikko Hypponen, chief research officer of Finnish anti-virus company F-Secure said that targeted attacks where companies receive only a couple of malware-infected emails from criminals instead of thousands was "an interesting new phenomena".
"Instead of the attacker sending out millions of emails with infected attachments to random recipients, the attack might send just five emails with infected attachments only to one single company," said Hypponen.
He added that his company saw this happen several times over the past year with different companies and organisations targeted.
"There were many cases where the actual attack was pulled off by sending emails that looked like they were coming from someone within the organisation. They were talking about companies' internal issues," said Hypponen.
The attachments were Word, Excel or PowerPoint attachments which contained an exploit.
"In the cases we investigated, the exploit was typically handcrafted so it wasn't detected by the anti-virus which was being used by the company. The end result was the employees got a perfectly normal looking email with an attachment from someone else in the company which they would double click and open."
Hypponen said that as soon as they did that, the email dropped a back door into the system which connected to an IP address outside of the company which could be used to steal information from the infected computer or the user's network drives.
He said that the back door also contained rootkits that allow the malware to hide itself fro the operating system.
Hypponen also said that phishing gangs are widening their nets to target banks in countries which up until now haven't been on the radar of these gangs.
"The phishers are trying to find people who haven't been fooled before," he said.
He also said that there is an increasing use of "money mules" - people recruited by phishing gangs to receive money on behalf of the gangs. He said that the gangs place job ads on legitimate web sites pretending to be bona fide companies.
"They have been successful in hiring perfectly normal people to do this money laundering," he said. "In many of these cases these people had no idea that they were working for criminal companies."
He said phishing attacks will continue to evolve and will use man-in-the-middle attacks on online banks.
From around the web
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Is Microsoft mismanaging Windows on ARM?
- Dealing with spam surrogates
- Why 3G broadband can be better and cheaper than ADSL
- Is Twitter bad for business?
- Publishing your email address isn't a security disaster
- Why you'll need a fax machine to develop iOS apps
- Learning to adapt to the mobile web
- Why you shouldn't use WPS on your Wi-Fi network
- Disabled users suffer when software breaks the rules
advertisement
