Hackers target C-level execs and their families
Scheme aimed at specific executives and companies
IDG News Service -
Hackers appear to have stepped up their efforts over the past year to trick corporate executives into downloading malicious software that can steal company data, according to new data released today.
MessageLabs Ltd., a security vendor that offers e-mail filtering services to catch spam and malicious attachments, caught an average of 10 e-mails per day in May targeted at people in senior management positions, up from just one a day during the previous year, said Mark Sunner, chief security analyst.
Those 10 e-mails are a tiny percentage of the 200 million e-mails that MessageLabs scans every day, but the composition of those messages is alarming, Sunner said.
Many of the e-mails contained the name and title of the executive in the subject line, as well as a malicious Microsoft Word document containing executable code. The hackers are trying to trick the victims into thinking the messages come from someone they know, in the hope that the victim will willingly install, for example, a program that can record keystrokes.
MessageLabs won't reveal what companies have been targeted, but it has contacted executives who have been names in the e-mails and discovered that the family members of the executives have also received messages on their own, noncorporate e-mail accounts, Sunner said.
"If you really want to work out somebody's background ... you can actually find out a lot," Sunner said.
Tricking a relative into installing malicious code would offer the hacker another way to collect sensitive data if an executive decides to do some work on a home computer, Sunner said.
In June, MessageLabs picked up more than 500 of these targeted messages, with some 30% aimed at chief investment officers, a position that can include handling mergers and acquisitions. Other positions targeted include directors of research and development, company presidents, CEOs, chief information officers and chief financial officers.
Another danger is that the e-mails are often single messages sent to a single person, rather than a mass spam run. When hackers send out millions of messages, security companies often either update their software or change their spam filters to trap the bad messages.
But single messages have a higher chance of slipping through, although Sunner said MessageLabs' filtering service catches the messages by analyzing the e-mail's attachment and determining whether it is potentially harmful. Other security companies catch malware by updating their software with indicators, or signatures, to detect harmful code or block code from running based on what it does on a computer, a technology called behavioral detection.
Tracing where the messages come from is difficult because the sender's name is always fake, Sunner said. The IP addresses from which the messages were sent indicate that the computers are located around the world. Hackers often use networks of computers they already control, called botnets, to send e-mails.
"Certainly, people need to raise the level of vigilance," Sunner said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Gartner Report: A Guide to Gartner's Enterprise Mobile Security Self-Assessment Gartner introduces a model and a Toolkit intended to help mobility and security IT leaders assess their enterprise mobility programs from a security...
- Gartner Report: Containing Mobile Security Risks With the 80/20 Rule IT planners can deliver better mobile protection with higher user satisfaction by segmenting users into risk groups before committing to specific management or...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts