Zero day specialists hooked on spear phishing

Complex phishing attacks are targeting financial services firms and government entities -- the very organizations that spend more time and money on security than anyone

At the cutting-edge of IT-based crime, attackers are using a combination of easily sourced technologies and social information to carry out successful assaults on the very organizations that spend more time and money on security than anyone in the world.

While he isn't able to share the names of the companies that have been victimized, or the identities of the people within those organizations who have been exploited, an interview with Kevin Mandia, founder and CEO of security services provider Mandiant, provides a shocking view into the incredibly complex attacks being carried out against financial services firms and government entities.

According to the former United States Air Force special agent and IT intrusion investigator, the savviest criminals in the world -- some of whom may receive support from overseas governments -- are targeting specific individuals throughout the ranks of business and government against whom they are executing multitiered attacks in the name of stealing closely protected information.

The continued discovery of new zero day flaws in popular software products -- most notably Microsoft's ubiquitous Windows and Office platforms -- along with the ever-growing amounts of personal and professional information being published online, have created an environment where criminals and their backers can have their way with organizations that already expend tremendous resources on IT security, Mandiant said.

"In a matter of hours someone can identify an employee of a specific organization and create a targeted attack that will allow them to break into that organization's network and steal whatever information they're looking for," Mandiant said. "As long as people can still exploit technologies like Microsoft Office, spear phishing will be a very serious problem."

Spear-phishing attacks are the more targeted iterations of the mass-market scam threats that show up in your e-mail inbox every day.

After hacking their way into major organizations by attacking individual employees using the threats, criminals are gathering the data and materials necessary to turn around and carry out successful campaigns against those organizations' customers and constituents, in addition to making off with intellectual property and other valuable information, Mandia said.

For example, an attacker wishing to carry out some form of campaign against a specific company might simply peruse the Web in search of personal Web pages, or profiles of social networking sites such as MySpace until they find the details of an employee of the firm.

Having deduced what types of communications the person might be open to accepting -- such as e-mail from another site member or someone anonymous with similar social interests -- the attacker then creates a threat through which they attempt to exploit the individual's computer to break into break into the targeted employer's network.

These types of attacks are occurring frequently, and taking their toll on everyone from government contractors to online trading firms, according to the investigator, who said his company has been involved in investigations of similar attacks at two large organizations within the last month alone.

In some cases the examples involve the targeting of IT workers at financial services companies from whom attackers seek to steal customer data to use to launch spear-phishing campaigns, some of which involve fraudulent credit card offers that are being sent to consumers via the U.S. Postal Service.

In other cases attackers are finding lists of government employees who attend specific meetings -- often publicized online -- and using the contextual information they can gather to create targeted threats aimed at phishing sensitive information from those parties.

In some of those cases, Mandiant has seen attacks that have been carried out using the real names of participants and attendees of such meetings, with the attacks carried in e-mail attachments using the real materials discussed at the event -- and crafted to appear as if it is coming from the main speaker or organizer of the meeting.

It's hard to blame people for falling prey to the attacks when there is no evidence of fraud, and such deep contextual information being used to target individuals, he said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?