Targeted trojan attacks and industrial espionage

Alex Shipp MessageLabs

Currently our statistics show that over email we are stopping 3,000,000 items of malware a day, of which approximately 7 on average can be classified as a targeted trojan attack. This is less than 0.001% of all malware arriving by email, so should we be worried? Analysis shows that these trojans are predominantly an attempt to get data-stealing software inside an organisation, so perhaps we should.

In this paper I will run through a typical targeted attack, talk about what the attacker is trying to achieve, and how they are trying to achieve it. I will then also look at patterns and trends over the last 12 months, and try to make some predictions for the future.

I will also derive some metrics which can be used to explore if targeted attacks should be high up on a company's risk analysis awareness, even though the number of attacks is small.

VB Conferences

VB2011 (Barcelona)

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)

‘I attend a variety of security conferences and events each year and VB continues to be my favourite. Great content, great networking, great organisation.’

Poll

Do you use the same password(s) across multiple websites?

Leave a comment
View 4 comments

VB100 certification

This month VB's test team put 26 products to the test on Windows Server 2008. John Hawes has the full results.
See full results.

Virus Bulletin currently has 190,960 registered users.

Fighting malware and spam