March 12, 2014
New techniques used to steal cyber-info
Yomiuri Shimbun
TOKYO — Cyber-attacks designed to steal valuable business information are becoming more refined and diverse.
Examples of new styles of attacks include virus-laced emails sent to a mailing list used by employees who entered a company in the same year, after the list was infiltrated by a malicious party, and the theft of information through smartphone viruses.
“Cyber-attacks are becoming ever more sophisticated,” said an official at the National Police Agency.
In one incident using a recent style of attack that relies on social engineering, a malicious party disguised itself as one of a group of same-year colleagues.
NPA investigations found the attacker had joined five information-sharing groups on the Internet, possibly collecting personal information relating to group members and selecting targets for premeditated attacks.
The administrator of one group mailing list, used to discuss drinking parties by colleagues who had joined their company at the same time, apparently endorsed the attacker’s application for group membership without confirming his or her identity.
The perpetrator then obtained an email address similar to that of an authentic member of the group, and sent virus-infected messages to targets. The NPA categorized the attack as a new kind of “identity fraud” cyber-attack.
Last year saw 492 cases of attacks where computer systems in businesses were infected with viruses after emails were sent to specific targets, resulting in information security breaches.
Among these were 37 incidents of a more sophisticated “correspondence”-style phishing attack, up from two in 2012.
In one typical case, one email was initially sent to a company official responsible for hiring new employees, saying that the sender was looking for a job. Having reduced the likelihood that subsequent emails would be treated with suspicion, the attacker then sent a virus-infected attachment, described as a resume.
A technique for targeting smartphones was also identified. Last December, at a company in the science and technology sector, an employee received an unsolicited email via his personal computer advising him to perform an “urgent security upgrade.”
However, the update was fake. If the employee scanned the bar code — attached to the email — with a smartphone, a virus would be downloaded that would then forward the smartphone’s terminal identification information to the attacker. It would then be possible for the smartphone to be controlled remotely.
A specific type of cyber-attack, called a “watering-hole” attack by the NPA, occurred for the first time in Japan last summer. The attack is named after the scenario where animals that have gathered to drink near rivers in the African plains are targeted by predators.
A news site, frequently viewed by many government employees, was altered to include an embedded virus that would infect readers’ computers. The virus was designed to infect only the computers of government employees, or other specific targets.
“It is a highly skilled method of focusing on a narrow range of targets, which makes it difficult to detect the damage inflicted,” a senior NPA official said.
The NPA is currently building a framework to share information about cyber-attacks with about 6,000 companies working with state-of-the-art technology, in fields such as the space and nuclear industries.
“We would like to share information about these techniques as early as possible, and use it to prevent the damage associated with cyber-attacks,” the NPA official said.