Entry: Targeted threat
Definition

  1. Impact

  2. Detection and prevention

  3. Examples

  4. External links

  5. Notes

Targeted threats are a class of malware aimed at one specific organization or industry. A type of crimeware, these threats are of particular concern because they are designed to capture sensitive information. Targeted attacks may include threats delivered via SMTP e-mail, port attacks, zero-day vulnerability exploits or phishing messages. Government organisations are the most targeted sector.[1] Financial industries are the second most targeted sector, most likely because cybercriminals seek to profit from the confidential, sensitive information that the financial industry's IT infrastructure houses.[2] Similarly, online brokerage accounts have also been targeted by such attacks.[3]

Impact

The impact of targeted attacks can be far-reaching. In addition to regulatory sanctions imposed by HIPAA, Sarbanes-Oxley, the Gramm-Leach-Bliley Act and other laws, they can lead to the loss of revenue, focus and corporate momentum. They not only expose sensitive customer data, but damage corporate reputations and incur potential lawsuits.[4]

Detection and prevention

Unlike a widespread spam attack, which is widely noticed, a targeted attack is sent to only a limited number of organizations, so these crimeware threats tend not to be reported and thus elude malware scanners.[5]

  • Heuristics
  • Multiple-layered pattern scanning
  • Traffic-origin scanning. Targets known bad locations or traffic anomalies.
  • Behavior observation. Including desktop emulator solutions and virtual machine behavior analysis.

Examples

  • In one instance, Trojan horses were used as a targeted threat so that Israeli companies could conduct corporate espionage on each other.[6]
  • The Hotword Trojan, the Ginwui and the PPDropper Trojans are additional examples of Trojans used for corporate espionage.[7]
  • Targeted destination attacks use harvested IP addresses to send messages directly to recipients without an MX record lookup. They aim at specific sites and users, defeating hosted protection services and internal gateways to deliver e-mail with malicious payloads.[8]
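
A defender can spot the direct-to-IP delivery described in the last item by checking which peer actually connected to the mail server. The following is an added example, not part of the original article: it reads the topmost Received header (the one the receiving server writes itself) and flags mail that did not arrive from the hosted filtering service. The filter range, host names and sample messages are constructed assumptions.

```python
import email
import ipaddress
import re

# Assumption: egress ranges of the hosted filtering service (documentation range).
FILTER_NETS = [ipaddress.ip_network("192.0.2.0/24")]

# Peer address as the receiving MTA records it, e.g. "(host [198.51.100.7])".
PEER_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def connecting_ip(raw_message):
    """Peer IP from the topmost Received header (the one our own MTA added)."""
    received = email.message_from_string(raw_message).get_all("Received") or []
    match = PEER_RE.search(received[0]) if received else None
    if match is None:
        return None
    try:
        return ipaddress.ip_address(match.group(1))
    except ValueError:
        return None

def classify(raw_message, filter_nets=FILTER_NETS):
    """'via-filter', 'direct' (filter bypassed) or 'unknown' (no usable header)."""
    ip = connecting_ip(raw_message)
    if ip is None:
        return "unknown"
    return "via-filter" if any(ip in net for net in filter_nets) else "direct"

# Constructed sample messages; hosts and addresses are illustrative.
SAMPLES = {
    "filtered": (
        "Received: from out.filter.example (out.filter.example [192.0.2.25])\n"
        "\tby mail.corp.example with ESMTP; Mon, 01 Jan 2024 10:00:00 +0000\n"
        "Received: from sender.example (sender.example [203.0.113.9])\n"
        "\tby in.filter.example with ESMTP; Mon, 01 Jan 2024 09:59:58 +0000\n"
        "Subject: Invoice\n\nbody\n"
    ),
    # Delivered straight to the server's IP; the lower header is sender-supplied
    # and claims a filter address, so it must not be trusted.
    "direct": (
        "Received: from unknown (unknown [198.51.100.7])\n"
        "\tby mail.corp.example with ESMTP; Mon, 01 Jan 2024 10:05:00 +0000\n"
        "Received: from out.filter.example (out.filter.example [192.0.2.25])\n"
        "\tby in.filter.example with ESMTP; Mon, 01 Jan 2024 10:04:00 +0000\n"
        "Subject: Invoice\n\nbody\n"
    ),
    "no_header": "Subject: Invoice\n\nbody\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, classify(raw))
```

Messages classified as direct indicate that the mail server accepts SMTP connections from outside the filtering service; restricting inbound SMTP at the firewall or MTA to the filter's ranges closes that path.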

External links

  • An analysis of Targeted Attacks

Notes

1. ^ http://www.symantec.com/connect/blogs/targeted-attacks-now-using-bredolab-malware
2. ^ Symantec Corp., Symantec Internet Security Threat Report, Vol X, Sep. 2006, p. 9.
3. ^ Securities and Exchange Commission. "Online Brokerage Accounts: What You Can Do to Safeguard Your Money and Your Personal Information." https://www.sec.gov/investor/pubs/onlinebrokerage.htm
4. ^ Williams, Amrit T., Hallawell, Arabella, et al., "Hype Cycle for Cyberthreats, 2006", Gartner, Inc., Sept. 13, 2006, p. 17.
5. ^ Shipp, Alex, quoted in Gibbs, Wayt. "The Rise of Crimeware." February 23, 2006. http://blog.sciam.com/index.php?title=the_rise_of_crimeware (archived 2006-12-06 at https://web.archive.org/web/20061206192113/http://blog.sciam.com/index.php?title=the_rise_of_crimeware; accessed 2006-11-28)
6. ^ Williams, Dan. "Israel holds couple in corporate espionage case." http://www.computerworld.com/securitytopics/security/virus/story/0,10801,108225,00.html?from=story_kc, Jan. 31, 2006.
7. ^ Symantec Corp., Symantec Internet Security Threat Report, Vol X, Sep. 2006, p. 4.
8. ^ Avinti, Inc. "Targeted Destination Attacks." Sep. 2005. http://www.avinti.com/download/labs/targeted_destination.pdf (archived 2012-02-15 at https://web.archive.org/web/20120215102852/http://www.avinti.com/download/labs/targeted_destination.pdf; accessed 2006-11-28)

1 : Types of malware
