[BreachExchange] Targeted Attacks or Untargeted Attacks – Which is Most Common?
Destry Winant
destry at riskbasedsecurity.com
Sun Sep 16 21:22:46 EDT 2018
https://techtalk.pcpitstop.com/2018/09/13/untargeted-targeted-attacks-untargeted/
Before discussing the attack methods of hackers, targeted or
untargeted, we first must understand the difference between the two.
First, untargeted attacks are when hackers have no specific vertical,
business, or person they are attacking. Instead, they simply cast as
wide of net as possible, and send out the malicious email, links, etc.
hoping to infect as many people as they can.
Targeted attacks are cyber attacks specifically designed to infect a
particular industry, person, business, or event. For instance, the
cyber attack that hit this year’s opening Olympic ceremonies, or
ransomware attacks targeting the healthcare sector are both examples
of targeted attacks.
But which is most common?
Untargeted attacks are far more common than a targeted attack, for two
primary reasons. First, it is easier execute. Instead of trying to
determine how to infiltrate a specific system, hackers simply create a
generic email with malicious content such as an attachment or link.
>From there, they will send it out to every email address they have
access to. Depending on the form of malware used in the email, this
may lead to extortion from ransomware, installing keyloggers to track
user credentials, the installation of spyware, or breaching company
and/or personal data. Since they have no targeted audience, the
content in the email is kept very vague, so it may be applicable to
everyone. For instance, it may be a fake tracking link for a recent
“purchase”.
Which are more destructive?
Although untargeted attacks are more common, targeted attacks tend to
cause far more destruction. In order for a targeted attack to occur,
there must be two things — a desire to cause damage, and the knowledge
to do so. In targeted attacks, hackers will often target an entire
vertical, such as the financial sector or healthcare industry. The
industry they opt to attack is contingent upon the type of cyber
attack they’re executing.
For instance, if their end goal is to make money, they’ll likely use
ransomware and go after an industry heavily reliant on IT services,
such as hospitals or banks. However, if hackers are targeting credit
card information to sell on the dark web, they will target a large
retail store. The malware variant used is hand-picked, based on the
specific target to generate the most destruction.
Avoiding Falling Victim
By clicking on a malicious email, you open yourself up to malicious
cyber activity, not only on your device, but any other device
connected to the network. Therefore, to keep your network secure, all
users must understand the red flags to be on the lookout for. To
avoid falling victim to a cyber attack, users should do the following:
Look at the “from” address in the email and ensure it is someone you know
Check the “reply to” address and confirm it would go to who it’s supposed to
Look for grammatical and spelling errors within the email
Hover over the link to see where the destination URL is going to take you
Review recent purchases to determine if you should be expecting this
“invoice” or “tracking info”
If you ever question the legitimacy of an email, call the business or
person it is allegedly from to confirm its authenticity.
Also, ensure your device’s operating system and third-party
applications are updated. By doing so, all known vulnerabilities will
be patched avoiding the ability for them to be exploited by cyber
criminals.
More information about the BreachExchange
mailing list