Over the last month the retail sector has become the target of spear phishing, a particularly devious and hard-to-detect form of targeted attack, according to the cybersecurity firm MessageLabs Intelligence.
In a targeted attack, cybercriminals go after only a few individuals within a particular company in the hopes of compromising the individual’s machine and gaining access to sensitive data, intellectual property, or confidential internal systems.
From mid- to late-September, Symantec’s MessageLabs analysts have identified a disproportionate increase in targeted attacks aimed at the retail sector.
“The number of attacks against the Retail sector jumped to 516 in just the last month alone, compared with the earlier monthly average of just seven attacks per month for much of 2010,” according to MessageLabs’ monthly report for October. “The Retail sector had not been the focus of such a major concentrated targeted attack campaign in previous years.”
Until the last month, targeted attacks against the retail sector accounted for only 0.5 percent of all targeted attacks. Now they account for a quarter of all attacks. Yet the 516 attacks targeted just six organizations, which MessageLabs kept anonymous, and the firm believes the true targets were just two organizations. The firm believes the motive behind the attacks was to obtain sensitive client records.
“The spear phishing attacks, launched in three waves each one week apart, used social engineering techniques to distribute legitimate-looking emails from HR and IT staff of the targeted organization but in actuality contained malicious attachments,” said MessageLabs Intelligence Senior Analyst Paul Wood.