Increasing attacks on networks are targeted attacking specific industries.
The focus is on the wording, malware, spam, and click baits.
This makes sense since if the easiest attacks are against users and the attacker depends on people either clicking on spam email or clicking on some website link that is laced with malware. The malware then infects the unwitting user to steal some data from the industry.
The real question in all of these attacks is what are the attackers looking for? Since we know it is easy to set up spam, and click bait links.
Here are some attackers recently:
http://securelist.com/blog/research/68817/the-desert-falcons-targeted-attacks/
This attacker listed by Kaspersky is coming from the mideast and is focusing on some goal in the mideast. The speculation is that there is an attack or investigation (recon) for some reason.
Trend Micro is listing reasons for targeted attacks as well:
Reconnaissance/Targeting (just looking – to see what is here)
Delivery Mechanism (testing new code – finding way in – attack until exploit)
Compromise/Exploit (attack until control)
Command and Control (keep a process on your computer for future use)
Persistence /lateral Movement (move to other computers on your network)
Data Ex-filtration (steal or take your data)
If you ask me the command and control is the most dangerous, because once the attacker has a live running process on your computer it is just a matter of time until they sell this “control” on the dark market.
Contact Us if you need help