Hackers are increasingly targeting Trojan attacks at certain businesses in hopes of pilfering intellectual property, according to a security report released today.
MessageLabs said its latest research data shows these kinds of attacks have risen six-fold in the past year. While the increase is dramatic, the number of attempts remains low: the targeted attacks are occurring about once a day rather than one or two per week in 2005, the company said.
An attack email may be sent to people in four or five companies in similar kinds of businesses, said Paul Wood, senior analyst at MessageLabs. The company counts the attempt as one attack.
MessageLabs products filter email and internet traffic before it reaches its users, and the company studies the traffic for trends. It provides services to around 14,000 business customers worldwide, and its attack statistics are drawn from that data pool.
Wood said the methods of attack are changing since computer security has improved overall. "It's very much more difficult for the cybercriminals to get through organisations' defences in the same way that they would have done four or five years ago," he said.
The lower the profile of the attack, the greater the chances are for success, as sending out tens of thousands of email messages with bad programs or links is quickly noticed.
The latest method is to send only a few messages, often to specific people in a company, rather than using programs that harvest large numbers of unrelated email addresses from the internet, Wood said.
Hackers are combining threats through sophisticated programming. Once one malicious program infects a computer, it is often able to download other programs capable of rummaging through files and sending them back to a host, or using the machine to send spam or download adware, Wood said.
To avoid antivirus programs that bluntly filter any email containing an executable attachment, hackers are instead sending links through email or instant messages.
The link can lead to a website hosting a malicious program, some of which can automatically start running if a user doesn't have the proper security updates for their browser, Wood said.
Other attacks target vulnerabilities in applications, such as Microsoft's Word or Excel programs. Hackers can find a vulnerability in those programs, constructing a special Word or Excel file that cause other malicious code to run on a computer when opened, Wood said.