The Gulf Time Newspaper One of the finest business newspapers in the UAE brought to you by our professional writers and editors.
DUBAI / Emirates Business
Globally 74 percent of all targeted attack attempts use email vectors, even as business emails are estimated to reach 139.4 billion per day by 2017. Trend Micro on average blocks 50 billion email spam-sending IP addresses.
Spear phishing is commonly being used by attackers to gain access to a company networks to facilitate a targeted attack, through malicious emails. Attackers gather intel on an individual in the targeted company and using the gathered information an email with malicious attachment or link is then sent to the target. Once the target opens the email, the attachment or link leads the target to a malicious website hosting malware, thus infecting the targets machine, giving the attackers access to the network.
“Attackers disguise these emails to make it look like its coming from a legitimate source, a colleague, a new updated from the HR team or something work related. The attackers will have done their homework, so the target is not suspicious of the incoming email, a few clicks and the criminals have been successful in infiltration the system. Email is the most common form of business communication, and one of the easiest way for attackers to get into a company’s network,†commented Ihab Moawad, VP Mediterranean, Mid. East, Africa, Russia & CIS at Trend Micro.
How do attackers/cybercriminals gain unauthorised access to company networks and manage to steal personal information, financial data? While some people may know a little about corporate data breaches, few know how it’s actually done, or the methods cybercriminals use to execute an attack.
In a targeted attack, attackers have a certain level of expertise and have sufficient resources to execute their schemes over a long period of time. In cases where the breach indeed resulted from a targeted attack, it is important to know that attackers can adapt, adjust, and improve their attacks to counter their victim’s defences. Attackers utilise various social engineering techniques that leverage recent events.