Printer Friendly

Cybercriminals ditching mass spam for targeted attacks.

In the complex and ever-changing landscape of online crime, cybercriminals have made a fundamental shift in strategy, abandoning traditional mass spam attacks in favor of personalised attacks with a greater financial impact on targeted organisations, according to a new security report from Cisco. Research conducted by Cisco[R] Security Intelligence Operations shows the trend toward increased targeted attacks featuring highly customised threats containing malware that are directed at a specific user or group of users for intellectual property theft.

Key Findings - Email Attacks.

* Returns from mass email-based attacks declined by more than 50 percent from US$1.1 billion in June 2010 to $500 million in June 2011.

* Mass spam volumes plummeted from 300 billion daily spam messages to just 40 billion between June 2010 and June 2011.

* There is an increase in spearphishing and personalised scams and malicious attacks.

* Spearphishing attacks have increased threefold, while scams and malicious attacks have increased fourfold

The overall cost of targeted attacks to organisations worldwide is $1.29 billion annually.

Like almost all types of cybercrime exploits, the success of targeted attacks relies on technical holes and the all-too human tendency to misplace trust.

Targeted attacks are the most elusive threat to protect against and have the potential to deliver the most potent negative impact. Very low in volume, they focus on a specific individual or group under cover of anonymity provided by specialised botnet distribution channels. Typically, they rely on malware or APTs (Advanced Persistent Threats) to harvest desired data over a period of time. An example of a targeted attack is the infamous Stuxnet worm, which had the potential to severely disrupt industrial computing systems and could traverse non-networked systems, thus placing at risk even systems unconnected to networks or the Internet.
COPYRIGHT 2011 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2011 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Security News and Products
Publication:Database and Network Journal
Date:Aug 1, 2011
Previous Article:New publication from ISACA and IFAC.
Next Article:VoIP for a global, mobile workforce: one Source Networks.

Terms of use | Privacy policy | Copyright © 2019 Farlex, Inc. | Feedback | For webmasters