Global APT Threats

Our friends at Trend Micro have released a research report and an infographic that shows the global reach of espionage networks that use spearphishing to infiltrate computer networks.  Spearphishing is a malicious email that is targeted to the recipient that encourages the recipient to take an action that will compromise his system.  Trend Micro summarizes the problem:

The number of targeted attacks has dramatically
increased. Unlike largely indiscriminate attacks that focus
on stealing credit card and banking information associated
with cybercrime, targeted attacks noticeably differ and
are better characterized as “cyber espionage.” Highly
targeted attacks are computer intrusions threat actors
stage in order to aggressively pursue and compromise
specific targets, often leveraging social engineering, in
order to maintain persistent presence within the victim’s
network so they can move laterally and extract sensitive
information.

This infographic provides a visual overview of the problem:

In order to prevent social engineering from deceiving the email recipient,  SP Guard from Iconix modifies the email client’s display to provide a visual indicator of the identity of the sender of email. This is an example from Outlook, the popular business email client, in which a company called “MyCo” is marking their internal messages as well as those from trusted partners such as their law firm.  Note especially the last message, though seemingly benign, is a spear-phishing message and is not marked as authentic:

SP Guard Inbox

SP Guard provides the email recipient with three easy to recognize confirmations that a message is really an internal email or from a trusted counterpart:

  1. List View. There is an integrity indicator in the list view of the email client.
  2. Message. The open message has a further indicator of authenticity.
  3. Mouseover. Mousing over the authentication indicator in the message prompts the display of a certificate that further identifies the sender.

SP Guard is available now from Iconix.  For further information, contact us at 408-727-6342, ext 3 or use our online form.

Advertisements

3 Responses to Global APT Threats

  1. […] software does not work against Advanced Persistent Threats. In the realm of Advanced Persistent Threats, the malware is targeted and designed for each […]

  2. […] call to action. The email had a PDF attachment which installed malware which is a variant of the GhostRAT command and control APT. The attack was discovered and reported by security experts at […]

  3. […] attachment, that infiltrates the targeted network.  Spearphishing is an infiltration tactic heavily favored by sophisticated […]