Cyber criminals have increased targeted attacks in the first quarter of 2012. Advanced persistent threats (APTs), a long-term, on-going campaign versus the typical smash-and-grab incidents, too are on the rise.

Attackers have piggybacked on visible events such as Whitney Houston's death, and socio-political upheavals around the world to penetrate and infect users and networks and gain access to victims' data. The payload is a malware that is silently executed on the target's computer. This exploitation allows attackers to take control of and obtain data from the compromised computer.

“The number of targeted attacks has dramatically increased. Unlike largely indiscriminate attacks that focus on stealing credit card and banking information associated with cybercrime, targeted attacks noticeably differ and are better characterised as cyber espionage,” Mr Amit Nath Country Manager (India and SAARC) of Trend Micro, said.

An interesting feature of this quarter's attacks is that cybercriminals, who have launched APTs, are keeping track of different attacks to determine which individual attack compromised a specific victim's network.

“The Luckycat campaign, in particular, attacked a diverse set of targets using a variety of malware, some of which have been linked to other cyber-espionage campaigns,” the quarterly report published by Trend Micro said.

New social networking site, Pinterest that helps people ‘pin' content, is one of the victims. “Site users were drawn into re-pinning a Starbucks logo to get supposed gift cards but instead got malware,” the report said.

Spam senders

India has emerged the top source for spam in the first quarter with a share of 20 per cent of all spam generated globally. This was followed by Indonesia (13 per cent), South Korea (12 per cent), and Russia (10 per cent).

The report found that there were 5,000 new malicious Android apps during the period. “With the increased use of smartphones for Internet access and the huge Android user base, the increase in attacks targeting the platform is thus not surprising,” the report said.

“In a typical targeted attack, a target receives a contextually relevant email that encourages a potential victim to click a link or open a file. The links and files the attackers send contain malicious code that exploits vulnerabilities in popular software,” he said.

kurmanath @thehindu.co.in

comment COMMENT NOW