Targeted Trojan attacks on the rise, report finds
- — 07 July, 2006 08:16
Computer hackers are increasingly tailoring attacks using Trojan horse programs for certain businesses in hopes of filching intellectual property, a new security report released Thursday said.
MessageLabs said its latest research data shows these kinds of attacks have risen six-fold over the same period in 2005. While the increase is dramatic, the number of attempts remains low: The targeted attacks are occurring about once a day rather than one or two per week in 2005, the company said.
An attack e-mail may be sent to people in four or five companies in similar kinds of businesses, said Paul Wood, senior analyst for MessageLabs. The company counts the attempt as one attack.
MessageLabs products filter e-mail and Internet traffic before it reaches its users, and the company studies the traffic for trends. It provides services to around 14,000 business customers worldwide, and its attack statistics are drawn from that data pool.
Wood said the methods of attack are changing since computer security has improved overall. "It's very much more difficult for the cybercriminals to get through organizations' defenses in the same way that they would have done four or five years ago," he said.
The lower the profile of the attack, the greater the chances are for success, as sending out tens of thousands of e-mail messages with bad programs or links is quickly noticed.
The latest method is to send only a few messages, often to specific people in a company, rather than using programs that harvest large numbers of unrelated e-mail addresses from the Internet, Wood said.
Hackers are combining threats through sophisticated programming. Once one malicious program infects a computer, it is often able to download other programs capable of rummaging through files and sending them back to a host, or using the machine to send spam or download adware, Wood said.
To avoid antivirus programs that bluntly filter any e-mail containing an executable attachment, hackers are instead sending links through e-mail or instant messages.
The link can lead to a Web site hosting a malicious program, some of which can automatically start running if a user doesn't have the proper security updates for their browser, Wood said.
Other attacks target vulnerabilities in applications, such as Microsoft's Word or Excel programs. Hackers can find a vulnerability in those programs, constructing a special Word or Excel file that cause other malicious code to run on a computer when opened, Wood said.