Targeted Attacks
   HOME

TheInfoList



Click Here for Items Related To - Targeted Attacks
OR:
Targeted Attacks on:   [Wikipedia]   [Google]   [Amazon]

Targeted threats are a class of
malware Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depri ...
destined for one specific organization or industry. A type of crimeware, these
threats A threat is a communication of intent to inflict harm or loss on another person. Intimidation is a tactic used between conflicting parties to make the other timid or psychologically insecure for coercion or control. The act of intimidation for co ...
are of particular concern because they are designed to capture sensitive information. Targeted attacks may include threats delivered via SMTP e-mail, port attacks,
zero day attack A zero-day (also known as a 0-day) is a computer-software Vulnerability (computing), vulnerability previously unknown to those who should be interested in its mitigation, like the vendor of the target software. Until the vulnerability is mitigate ...
vulnerability Vulnerability refers to "the quality or state of being exposed to the possibility of being attacked or harmed, either physically or emotionally." A window of vulnerability (WOV) is a time frame within which defensive measures are diminished, com ...
exploits or
phishing Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious softwar ...
messages. Government organisations are the most targeted sector. Financial industries are the second most targeted sector, most likely because cybercriminals desire to profit from the confidential, sensitive information the financial industry IT infrastructure houses. Similarly, online brokerage accounts have also been targeted by such attacks.


Impact

The impact of targeted attacks can be far-reaching. In addition to regulatory sanctions imposed by
HIPAA The Health Insurance Portability and Accountability Act of 1996 (HIPAA or the Kennedy– Kassebaum Act) is a United States Act of Congress enacted by the 104th United States Congress and signed into law by President Bill Clinton on August 21, 1 ...
, Sarbanes-Oxley, the Gramm-Leach-Bliley Act and other laws, they can lead to the loss of revenue, focus and corporate momentum. They not only expose sensitive customer data, but damage corporate reputations and incur potential lawsuits.


Detection and prevention

In contrast to a widespread
spam Spam may refer to: * Spam (food), a canned pork meat product * Spamming, unsolicited or undesired electronic messages ** Email spam, unsolicited, undesired, or illegal email messages ** Messaging spam, spam targeting users of instant messaging ( ...
attack, which are widely noticed, because targeted attacks are only sent to a limited number of organizations, these crimeware threats tend to not be reported and thus elude malware scanners. *
Heuristics A heuristic (; ), or heuristic technique, is any approach to problem solving or self-discovery that employs a practical method that is not guaranteed to be optimal, perfect, or rational, but is nevertheless sufficient for reaching an immediate, ...
* Multiple-layered pattern scanning * Traffic-origin scanning. Targets known bad locations or traffic anomalies. * Behavior observation. Including desktop emulator solutions and virtual machine behavior analysis.


Examples

* In one instance,
Trojan horses The Trojan Horse was a wooden horse said to have been used by the Greeks during the Trojan War to enter the city of Troy and win the war. The Trojan Horse is not mentioned in Homer's ''Iliad'', with the poem ending before the war is concluded, ...
were used as a targeted threat so that Israeli companies could conduct
corporate espionage Industrial espionage, economic espionage, corporate spying, or corporate espionage is a form of espionage conducted for commercial purposes instead of purely national security. While political espionage is conducted or orchestrated by governmen ...
on each other. * The Hotword Trojan, the Ginwui and the PPDropper Trojans are additional examples of Trojans used for corporate espionage. * Targeted destination attacks use harvested IP addresses to send messages directly to recipients without an MX record lookup. It aims for specific sites and users by defeating hosted protection services and internal gateways to deliver e-mail with malicious payloads.Avinti, Inc. "Targeted Destination Attacks." Sep. 2005. {{cite web , url=http://www.avinti.com/download/labs/targeted_destination.pdf , title=Archived copy , accessdate=2006-11-28 , url-status=dead , archiveurl=https://web.archive.org/web/20120215102852/http://www.avinti.com/download/labs/targeted_destination.pdf , archivedate=2012-02-15


External links


An analysis of Targeted Attacks


Notes

Types of malware ja:標的型攻撃