Hackers target C-level execs and their families

Wed Jul 4 21:24:21 EDT 2007

Hasn't this already been going on a while? I'm only surprised there 
hasn't been a big public incident yet.

Udhay

><http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9026048>http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9026048
>
>By Jeremy Kirk
>July 02, 2007
>IDG News Service
>
>Hackers appear to have stepped up their efforts over the past year to
>trick corporate executives into downloading malicious software that can
>steal company data, according to new data released today.
>
>MessageLabs Ltd., a security vendor that offers e-mail filtering
>services to catch spam and malicious attachments, caught an average of
>10 e-mails per day in May targeted at people in senior management
>positions, up from just one a day during the previous year, said Mark
>Sunner, chief security analyst.
>
>Those 10 e-mails are a tiny percentage of the 200 million e-mails that
>MessageLabs scans every day, but the composition of those messages is
>alarming, Sunner said.
>
>Many of the e-mails contained the name and title of the executive in the
>subject line, as well as a malicious Microsoft Word document containing
>executable code. The hackers are trying to trick the victims into
>thinking the messages come from someone they know, in the hope that the
>victim will willingly install, for example, a program that can record
>keystrokes.
>
>MessageLabs won't reveal what companies have been targeted, but it has
>contacted executives who have been names in the e-mails and discovered
>that the family members of the executives have also received messages on
>their own, noncorporate e-mail accounts, Sunner said.
>
>Those methods suggests that hackers may be researching victims and
>culling data from social networking sites such as Linked In, MySpace or
>Facebook, Sunner said.
>
>"If you really want to work out somebody's background ... you can
>actually find out a lot," Sunner said.
>
>Tricking a relative into installing malicious code would offer the
>hacker another way to collect sensitive data if an executive decides to
>do some work on a home computer, Sunner said.
>
>In June, MessageLabs picked up more than 500 of these targeted messages,
>with some 30% aimed at chief investment officers, a position that can
>include handling mergers and acquisitions. Other positions targeted
>include directors of research and development, company presidents, CEOs,
>chief information officers and chief financial officers.
>
>Another danger is that the e-mails are often single messages sent to a
>single person, rather than a mass spam run. When hackers send out
>millions of messages, security companies often either update their
>software or change their spam filters to trap the bad messages.
>
>But single messages have a higher chance of slipping through, although
>Sunner said MessageLabs' filtering service catches the messages by
>analyzing the e-mail's attachment and determining whether it is
>potentially harmful. Other security companies catch malware by updating
>their software with indicators, or signatures, to detect harmful code or
>block code from running based on what it does on a computer, a
>technology called behavioral detection.
>
>Tracing where the messages come from is difficult because the sender's
>name is always fake, Sunner said. The IP addresses from which the
>messages were sent indicate that the computers are located around the
>world. Hackers often use networks of computers they already control,
>called botnets, to send e-mails.
>
>"Certainly, people need to raise the level of vigilance," Sunner said.

-- 
((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com