Cyber-attackers using diverse new techniques to steal info

Cyber-attackers using diverse new techniques to steal info

Cyber-attacks designed to steal valuable business information are becoming more refined and diverse.

Examples of new styles of attacks include virus-laced e-mails sent to a mailing list used by employees who entered a company in the same year after it was infiltrated by a malicious party, and obtaining information through the use of smartphone viruses.

"Cyber-attacks are becoming ever more sophisticated," said an official at the National Police Agency.

In one incident using a recent style of attack that relies on social-engineering, a malicious party disguised itself as one of a group of the same-year colleagues.

NPA investigations found the attacker had joined five information-sharing groups on the Internet, possibly collecting personal information relating to group members and selecting targets for premeditated attacks.

The administrator of one group mailing list-used to discuss drinking parties by colleagues who had joined their company at the same time-apparently endorsed the attacker's application for group membership without confirming his or her identity.

The perpetrator then obtained an e-mail address similar to an authentic member of the group, and sent virus-infected messages to targets. The NPA categorized the attack as a new kind of "identity fraud" cyber-attack.

Last year saw 492 cases of attacks where computer systems in businesses were infected with viruses after e-mails were sent to specific targets, resulting in information security breaches.

Among these were 37 incidents of a more sophisticated "correspondence"-style phishing attack, up from two in 2012.

More about

Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.