Cybercriminals Favoring Targeted Attacks over Mass Spam
In a continuing trend, new research released by Cisco today further confirms that cybercriminals have made a fundamental shift in strategy, abandoning traditional mass spam attacks in favor of personalized attacks with a greater financial impact on targeted organizations.
The research conducted by Cisco Security Intelligence Operations shows a trend toward increased targeted attacks that have the ultimate aim of gaining access to specific sensitive data, corporate intellectual property or access to confidential internal systems. This is undertaken by targeting specific individuals within the companies being targeted. Targeted attack emails are typically sent in low volumes but are potentially one of the most damaging threats any organization can face.
The recent theft of millions of names, email addresses and personal information from Epsilon, Sony, Gannett Government Media, and many others is further giving the cybercriminals holding this data opportunity to construct highly personalized attacks.
According to Ram Mohan, CTO at Afilias and a regular SecurityWeek columnist, “As a result of these breaches, criminals now have enough information to construct highly targeted phishing runs aimed at known customers of the affected companies. They can also address their potential victims by name. Many savvy net users have learned to be suspicious of emails beginning with “Dear Customer” or other vague salutations, but these targeted “spear phishing” attacks can look a lot more convincing. If you already have a business relationship with a company and you receive a realistic-looking email purportedly from that company, you’re a little more likely to believe the phisher’s overtures are genuine if they address you by name.”
According to Cisco’s research, spear phishing attacks have proven to be both highly dangerous to victims and highly valuable to cybercriminals. Cisco says that, a highly customized phishing attack can net 10 times the profit of a mass attack.
Returns from mass email-based attacks declined by more than 50 percent from US$1.1 billion in June 2010 to $500 million in June 2011.
• Mass spam volumes plummeted from 300 billion daily spam messages to just 40 billion between June 2010 and June 2011.
• There is an increase in spearphishing and personalized scams and malicious attacks.
• Spearphishing attacks have increased threefold, while scams and malicious attacks have increased fourfold.
• The overall cost of targeted attacks to organizations worldwide is $1.29 billion annually.
“Personalized and targeted attacks that focus on gaining access to more lucrative corporate bank accounts and valuable intellectual property are on the rise,” said Nick Edwards, director of Cisco’s Security Technology Business Unit. “Law enforcement efforts are making mass spam attacks less appealing to cybercriminals, who are thus spending more time and effort focusing on different types of spearphishing and targeted attacks.” The global study focuses on perspectives from 361 information technology professionals from 50 countries and was compiled by Cisco Security Intelligence Operations, which provides real-time threat intelligence to help Cisco stay ahead of the latest cyber threats. Cisco SIO is the world’s largest cloud-based security ecosystem, using SensorBase data of almost 1 million live data feeds from deployed Cisco email, Web, firewall and intrusion prevention system (IPS) solutions.