Cybercriminals Turn Their Attention to the Corporate World

Banks and financial services companies are the favorite targets for Trojan (malware) and software probes, according to a report released in March by two security vendors, Counterpane, and Message Labs.

Nearly 40% of Trojan attacks and 30% of probes in 2005 were aimed at the banking industry, although other industries were not spared. Materials and manufacturing attracted 22% of Trojans, and pharmaceuticals and health care more than 20% of probes.

The pharmaceutical and health-care industry was also the prime target for spyware infections, at 50%, as well as system exploits—attempts to attack via a software flaw such as a buffer overflow. Insurance and real estate ran neck-and-neck with pharmaceuticals in this latter category, with each attracting about a quarter of system exploits.

The report shows a broader trend to attack businesses for financial gain, the vendors said.

At the RSA Security Show in February, Alex Shipp, a technologist at MessageLabs, said he was seeing one or two attacks each week of only 10 to 100 e-mails, sent to pharmaceutical companies, government organizations, law firms or other high-end users.

Most messages contained information-gathering Trojans embedded in Word documents, which were not blocked by corporate e-mail systems.

MessageLabs scans a billion e-mails a week, but Shipp said the small attacks were his biggest worry. “I believe they’re data-stealing,” he said. “[They are sent to] a highly qualified list of targets.”

Targeted attacks are the biggest security threat for Boeing, said Jeannette Jarvis, a security systems product manager at the company who also spoke at the RSA show. According to Jarvis, Boeing has seen an 11,000% increase in “badware” blocked at its network gateway since 2002. The company, for example, sees attacks from China that carry keyloggers looking for CAD/CAM drawings.

Boeing tells its employees, Jarvis said, to study a Web site from the vendor MailFrontier—which has issued a “Field Guide to Phishing”—so they can learn to tell the difference between a legitimate site and a phishing site.