Threat Intelligence, Incident Response, TDR

Report: 76 percent of targeted Q1 attacks were aimed at government orgs


A quarterly report found that 76 percent of targeted attacks – primarily launched by hacktivists or nation-state actors – were aimed at the government sector.

Released Tuesday, Trend Micro's Q1 2014 report, called “Cybercrime Hits the Unexpected,” (PDF) highlighted the findings.

Other industries that lagged far behind in attack volume, were the industrial sector, which accounted for seven percent of targeted attacks, and the IT and telecommunications industries, which each accounted for five percent of attacks.

Trend Micro's findings were based on anonymous customer data in its global network. Daily, the firm correlates and analyzes 100 terabytes of data.

On Thursday, JD Sherry, vice president of technology and solutions at Trend Micro, told in an interview that “targeted attacks” were assumed to be those with “some element of intricate social engineering involved.”

“[That attacks leverage] something known about the target that is special or unique to them, gathered through social engineering or some aspect of their life that is exposed online,” Sherry explained.

He added that, the findings reaffirm research from Q4 of last year, which also deemed the public sector a top target for these attacks.

“Especially in the public sector, [targeted attacks] are definitely going to be hacktivist driven, or some other government trying to carry out espionage,” Sherry said.

In March, Trend Micro, revealed an espionage operation, dubbed the “Siesta campaign,” which targeted a diverse range of industries, including the energy, defense and telecommunications sector, via spear phishing emails sent to executives.

The firm found that one spear phishing ruse consisted of a spoofed email to an exec, designed to look like communication from an internal employee. In actuality, the email contained an executable disguised as a PDF attachment.

In his interview, Sherry added that, in addition to the wealth of information government organizations obtain, they can also be viewed as easy targets by saboteurs.

“We still are seeing many organizations, including the public sector, in particular, that are still reeling from the financial sector crisis,” Sherry said. “They have really been lagging on investments in human resources to make sure systems are patched, logs are being monitored, and networks are being secured. Their vulnerability, or risk profile, is higher than normal,” he said.

In the report, Sherry advised organizations to tailor their defense strategies, much like crafty saboteurs that have done their research to pinpoint entities' weak points.

"The customized nature of targeted attacks has changed the threat landscape," Sherry wrote in the report. "There is no silver bullet; instead, a customized defense strategy that improves detection, analysis, adaptation, and response is necessary to minimize risks and the impact of targeted attacks."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.