Cyber Security Institute
§ Current Worries
Top 3 Worries
- Regulations
- Old Firewall Configurations
- Security Awareness
§ Listening
For the best information
- The underground
- Audible
- Executive Excellence
- Music (to keep me sane)
§ Watching
For early warnings
- 150 Security Websites
- AP Newsfeeds
- Vendors
Thursday, April 19, 2007
Targeted Attacks on the Rise
It’s the other end of the threat spectrum: Instead of a massive attack on hundreds of your users, it’s one message, sent to a single user, containing a backdoor Trojan—or worse. Such narrowly-targeted attacks are becoming more popular than ever, according to a new report issued today by MessageLabs. The messaging security company says it identified 716 emails in 249 targeted attacks last month. Most of the email attacks came in the form of malware hidden in a Microsoft Office document. Some 45 percent of the attachments were PowerPoint; 35 percent were MS Word files.
“Previously, they may have been lost in the general noise of one to two million pieces of malware per day,” the report states. “Target organizations are those with data worth stealing,” the report says.
“One gang has been using the same two attack files since November 2006,” the report says. The Taiwan gang changes its source IP address frequently, making it hard to detect, MessageLabs says. The IP address hosting the Web server that dishes out the malware is registered to China United Telecommunications Corp. in Beijing. Emails from the Taiwan gang are not particularly attractive, generally showing only a string of unreadable characters and carrying attachments.
Many antivirus applications do not yet detect the Trojan, according to the messaging security company.
http://www.darkreading.com/document.asp?doc_id=122009&WT.svl=news2_5