Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Targeted Attacks on the Rise for Small Businesses: Symantec

Attackers are increasingly shifting their focus on smaller businesses when crafting targeted attacks, according to Symantec’s monthly threat report.

The June 2012 Symantec Intelligence Report found that 36 percent of all targeted attacks that were detected over the last six months were directed at businesses with 250 or fewer employees. In comparison, a mere 18 percent of targeted attacks went after small businesses in December 2011.

Attackers are increasingly shifting their focus on smaller businesses when crafting targeted attacks, according to Symantec’s monthly threat report.

The June 2012 Symantec Intelligence Report found that 36 percent of all targeted attacks that were detected over the last six months were directed at businesses with 250 or fewer employees. In comparison, a mere 18 percent of targeted attacks went after small businesses in December 2011.

Targeted Attacks on SMBs IncreasingThe total number of targeted attacks detected each day also increased in the first half of the year, with an average of 151 targeted attacks being blocked each day during May and June, Symantec said. Targeted attacks “went through the roof” in April, at an average of 468 per day, researchers found.

Large enterprises with more than 2,500 employees bear the brunt of these attacks, blocking on average 69 attacks each day, according to the report. The SMB is not that far behind, with 58 directed attacks per day, according to the report.

“There appears to be a direct correlation between the rise in attacks against smaller businesses and a drop in attacks against larger ones. It almost seems attackers are diverting their resources directly from the one group to the other,” said Paul Wood, cyber security intelligence manager at Symantec.

Smaller businesses are often perceived as being easier to victimize since they are less likely to have a full IT staff to look after attacks, according to Symantec. An email that appears to come from a particular individual of could find itself automatically forwarded on to other business contacts, and spreading the infection.

The shifting focus will make security even more expensive for these small businesses. The defense industry, which is listed as a sub-category in the report, tended to be hit with more targeted attacks, with an average of 7.3 attacks per day, according to Symantec. Chemical and pharmaceutical sector was the second most targeted, with one in every five targeted attacks gunning for that industry segment. Manufacturing, accounting for almost 10 percent of all targeted attacks, was third, the report found.

In many cases, the victimized company was not the attacker’s primary target, Wood said. Many of the targeted attacks are designed to take advantage of the weaker company in order to access intellectual property or strategic information that could be used to damage another company.

“An attacker may use your organization as a stepping-stone to attack another company,” Wood said.

While attackers may use customized malware and specially crafted social engineering tricks to gain unauthorized access, “targeted attacks are still very rare,” Wood said. He called these attacks “the next evolution of social engineering” as victims are researched in advance and specifically targeted.

The report also noted that global spam levels continued its gradual decline, falling to 66.8 percent of total mail in June, which is about a 1 percent drop since May. The volume of emails containing links to malicious Websites declined by 1.2 percent, accounting for 27.4 percent of all email-borne malware.

However, phishing related emails increased, as did other types of email-borne threats, according to Symantec. In June, one in 467.7 emails comprised some form of phishing attack and one in 316.5 emails contained malware. Netherlands was the most targeted country for phishing attacks and malicious email activity in June.

The full Symantec Intelligence Report for June 2012 is available here in PDF format.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Malware & Threats

Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.