Cybercriminals Turn Their Attention to the Corporate WorldBy Deborah Gage | Posted 2006-04-25 Email Print
Banks and financial services companies are obvious targets, but new study shows materials, manufacturing, pharmaceutical and health-care companies are major targets for phishers.Banks and financial services companies are the favorite targets for Trojan (malware) and software probes, according to a report released in March by two security vendors, Counterpane, and Message Labs.
Nearly 40% of Trojan attacks and 30% of probes in 2005 were aimed at the banking industry, although other industries were not spared. Materials and manufacturing attracted 22% of Trojans, and pharmaceuticals and health care more than 20% of probes.
The pharmaceutical and health-care industry was also the prime target for spyware infections, at 50%, as well as system exploitsattempts to attack via a software flaw such as a buffer overflow. Insurance and real estate ran neck-and-neck with pharmaceuticals in this latter category, with each attracting about a quarter of system exploits.
The report shows a broader trend to attack businesses for financial gain, the vendors said.
At the RSA Security Show in February, Alex Shipp, a technologist at MessageLabs, said he was seeing one or two attacks each week of only 10 to 100 e-mails, sent to pharmaceutical companies, government organizations, law firms or other high-end users.
Most messages contained information-gathering Trojans embedded in Word documents, which were not blocked by corporate e-mail systems.
MessageLabs scans a billion e-mails a week, but Shipp said the small attacks were his biggest worry. "I believe they're data-stealing," he said. "[They are sent to] a highly qualified list of targets."
Targeted attacks are the biggest security threat for Boeing, said Jeannette Jarvis, a security systems product manager at the company who also spoke at the RSA show. According to Jarvis, Boeing has seen an 11,000% increase in "badware" blocked at its network gateway since 2002. The company, for example, sees attacks from China that carry keyloggers looking for CAD/CAM drawings.
Boeing tells its employees, Jarvis said, to study a Web site from the vendor MailFrontierwhich has issued a "Field Guide to Phishing"so they can learn to tell the difference between a legitimate site and a phishing site.
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...