JUNE 6, 2014
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
The Question on Privacy

Security for Home Users
Living a Stress-Free Digital Life

Security for Business
A Look at Targeted Attack Trends in 2H 2013



Security for Business

A Look at Targeted Attack Trends in 2H 2013

Network vulnerability is an attacker’s ally. While threat actors have been known to use zero-day exploits, note that most prefer to use old ones like CVE-2012-0158 because they are more readily available and still work.”



Threat actors carefully study their chosen victims to get what they want. And exploiting vulnerable employees, networks, and applications in target organizations is key in successfully carrying out attacks. Attackers know exactly what weaknesses to take advantage of and how to do so. This stayed true in the second half of 2013.

Taiwanese and Japanese Institutions Get Hit

Taiwan and Japan were two of the most targeted countries in the second half of 2013. Countries in Europe, the Middle East, and Africa were also affected. Further scrutiny revealed that 80% of the targeted attacks affected governmental institutions.

Emails remained the most preferred means to get to targets. This isn’t surprising because emails remained the most common communication tool among enterprises and large organizations. Attackers used subjects that were relevant to members of a target organization and malware-laden file attachments to start the network infection chain when opened.

Networks Under Attack

Almost 60% of the malware used in targeted attacks were Trojans or Trojan spyware. These had the capability to steal user credentials that could expose more areas of the network, making it more penetrable. Backdoors followed close behind with a 22% share, as these opened networks to command-and-control (C&C) communications, which led to the next stages of intrusion. BLYPT malware, which were found in September 2013, were particularly noteworthy backdoor examples because they only ran on 64-bit systems.

Help Safeguard Your Organization’s Network

Network vulnerability is an attacker’s ally. While threat actors have been known to use zero-day exploits, note that most prefer to use old ones like CVE-2012-0158 because they are more readily available and still work. That’s why regular patching helps shield organizations against threats.

Note that threat actors will use what works to exfiltrate sensitive information from chosen networks. And mitigating such a risk doesn’t end with using traditional signature-based antimalware solutions and blacklisting. Advanced technology that detects, analyzes, and responds to such attacks is crucial.

Copyright ©2014 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.

www.trendmicro.com

  CONNECT WITH US ON: