FBI: Law firms and PR agencies high on hacker target lists
Wednesday, November 18, 2009
Using complex email scams, cyber criminals are increasingly targeting sensitive information held by law firms and public relations companies, according to an FBI advisory released earlier this month.
The technique used in the most sophisticated attacks, experts say, is called spear phishing. While a standard phishing email might blanket thousands of email addresses, hoping for a few pieces of information, spear phishing selectively targets personnel with access to sensitive data and uses sophisticated techniques to make its messages seem genuine.
SANS Institute research director Alan Paller told the Associated Press that a major New York law firm was hacked last year, and that the source of the attack was thought to be a group of Chinese hackers. Law firms are prime targets because they frequently handle highly confidential data related to upcoming or ongoing cases.
Spear phishing attacks have grown in sophistication recently, say experts, presenting potential victims with excellent forgeries of legitimate messages. The best efforts appear to come from trusted sources and have subject lines appropriate to the target's business, says the AP.
Related News:
Gmail security concerns provoke moves toward strict measures - 1.18.2010
After an attack by Chinese cyber criminals penetrated the network security and email systems of U.S. corporations and Chinese human rights activists living abroad, Gmail was quick to announce that it would bolster its security by making HTTPS access the default method.
Security flaw in IE used to target U.S. firms in cyber attack - 1.15.2010
Microsoft announced yesterday that the cyber criminals who launched a large-scale assault on network security at multiple American firms did so via a vulnerability in the company's Internet Explorer browser software.
Cyber attacks prompt probable Google withdrawal from China - 1.14.2010
An attempt to crack the email security protecting the accounts of several human rights activists in China and elsewhere has caused search giant Google to end its cooperative relationship with the Chinese government, and, experts say, probably cease operations in China altogether.
Spam sticks around because it works: Report - 12.29.2009
Although anti-spam utilities have grown more sophisticated and email users have grown more savvy, email spam shows no signs of slowing down, according to the St. Louis Post-Dispatch.
Phishing email takes numerous forms - 11.17.2009
The practice of impersonating authoritative websites and sources in order to convince victims to divulge personal information - known as phishing - has come a long way from the Nigerian "419" scams that popularized the technique in the public mind. Modern phishing is becoming increasingly dangerous in part because attacks can come from a variety of sources.
|
