This graph from the latest MessageLabs Intelligence Report shows the growth of targeted attacks.
(WEB HOST INDUSTRY REVIEW) — Targeted attacks have increased significantly since they were first discovered five years ago, according to the latest MessageLabs Intelligence Report from security, storage and systems management solutions provider Symantec (www.symantec.com).
According to analysis presented in the October 2010 report, targeted attacks have multiplied from one to two attacks per week in 2005 to 77 attacks per day in October 2010.
“While targeted emails by nature are sent in low volumes, they are one of the most damaging types of malicious attacks,” MessageLabs Intelligence senior analyst Paul Wood said in a statement. “We have seen a constant influx of targeted attacks over the past six months with the type of organization targeted changing on a monthly basis and the number of targeted users increasing each month. Although the number of unique attack exploits being deployed has diminished slightly, the number of attacks used by each exploit has increased.”
Targeted attacks, for the first time, hit the retail sector hardest this month, where they increased from a steady monthly average of half-a-percent of all attacks over the past two years to a quarter of all attacks in October.
Typically, between 200 and 300 organizations across various industries are targeted each month. In October, an average of 5.4 users were targeted within each organization – these same individuals tend to be targeted over time, but using different exploit methods.
In October, the number of targeted attacks aimed at retail businesses rose considerably above the monthly average of 1 in 1.26 million, increasing the likelihood of an attack by a factor of almost 6.3 times. In addition, the number of attacks against the retail sector jumped to 516 in the last month, compared to just seven attacks per month for much of 2010 marking the first time the retail sector had been the focus of a targeted attack campaign in recent years.
“Of the 516 attacks, only six organizations were the intended targets but two of them were mainly targeted one of which was the target of 63 percent of the 516 attacks,” Wood said in a statement. “The spear phishing attacks, launched in three waves each one week apart, used social engineering techniques to distribute legitimate-looking emails from HR and IT staff of the targeted organization but in actuality contained malicious attachments.”
Another trend identified in the MessageLabs report is a drop in the global ratio of new to unknown spam emails in traffic from to 87.5 percent, a decrease of 4.2 percentage points since September. Also, 23 percent of email-borne malware contained links to malicious websites in October, an increase of 15.5 percentage points since September.
No related posts.
