It has recently come to light that more than 70 organizations have been targeted in cyber attacks. Far from a new phenomenon, the attacks are estimated to have been carried out over the past half decade with some infiltrations lasting over two years.
Western companies were targeted for the most part along with the United Nations, the International Olympic Committee and high-profile government bodies in the US, Taiwan, South Korea and India.
The cyber onslaught, believed to have been carried out by a lone hacker or group of hackers working together, used spear phishing which is a technique that involves accessing a person’s computer network by email.
Phishing attacks involve sending spam en masse to trick recipients into logging into a fake website to steal personal information, which is usually subsequently used for financial gain. Spear phishing grants cyber criminals control of targeted individuals’ computers from where they can comb through the network.
The profile of victims of spear phishing is narrower than that of phishing attacks in that since employees of certain organizations can unwittingly act as gateways for cyber criminals, higher-ranking employees are often the most frequently concerned. The effort is more streamlined than in standard phishing as the emails sent are personalized and hackers want to gain access to specific individuals’ emails and passwords or download malware (malicious software), allowing them to work their way through the organization’s network by hijacking an individual’s computer.
According to an Anti-Phishing Working Group report on crimeware, activity rose significantly last year with over 10 million new pieces of malware revealed in the second half of 2010.
The latest cybercrime discovery, Operation Shady RAT (Remote Access Tool), began in July of 2006 and is thought to be the work of a State culprit.
In a recent report, McAfee’s vice president of threat research Dmitri Alperovitch specified that among the victims were over 20 government organizations, over 10 companies in the realm of IT, communications and electronics, and more than 10 defense contractors, all but one of which belonged to the US.
15 Countries Hit
While the majority of overall breaches involved the US, the attacks spanned almost 15 countries worldwide, including Canada, Taiwan, Japan, Switzerland and the UK. The victim breakdown shows the wide-ranging nature of the attacks and begs the question of motivation.
While phishing scams seek financial gain through fraudulent activity, the latest spate of spear phishing was more concerned with accessing confidential intellectual property than immediate financial gain.
The latter is irrelevant, however, especially given that data accessed could afford hackers a competitive edge by exposing the opposition’s strategies and trade secrets. Information from other sectors could afford hackers a military or political advantage.
Though many officials point to a State perpetrator without naming names, Center for Strategic and International Studies cyber expert Jim Lewis told Reuters that China was the most likely culprit because stolen data could prove especially beneficial to Beijing: “Everything points to China. It could be the Russians, but there is more that points to China than Russia.”
Key Findings – Cyber Crime Survey (source: Computer Security Institute)
The findings of the CSI Computer Crime and Security Survey 2010-2011, which polled more than 35 US employees in information security and technology sectors, found that:
- Of around 50% of respondents who reported at least one security breach in 2010, just over 45% of them stated they had fallen victim to at least one targeted attack.
- Just more than 18% of respondents reacted to a security compromise by informing individuals whose private data had been accessed and almost 16% said they updated their customer security services.
- A high number of respondents listed visibility as a desired security solution to boost visualization of security information and to optimize log management.
- Those polled responded positively regarding the impact of regulatory compliance on their security systems.