Cyber-Attacks Growing More Sophisticated, Targeting IT Firms
The report found 184 nations house communication hubs, or command-and-control (CnC) servers.Technology organizations are among the most frequently attacked by cyber-criminals and the majority of Advanced Persistent Threat (APT) attacks—89 percent—are associated with tools developed and disseminated by Chinese hacker groups, according to cyber-security specialist FireEye’s "The Advanced Cyber-Attack Landscape" report. The report found 184 nations house communication hubs, or command-and-control (CnC) servers, with Asia and Eastern Europe accounting for the majority of activity. CnC servers are used heavily during the life cycle of an attack to maintain communication with an infected machine by way of callbacks, enabling the attacker to download and modify malware to evade detection, extract data or expand an attack within a target organization. FireEye drew the information from blocking more than 12 million callback events from 184 countries logged by the FireEye platform, deployed behind firewalls, intrusion prevention systems (IPS), anti-virus (AV) and other security gateways, across thousands of user appliances during 2012. "The threat landscape has evolved, as cyber-threats have outpaced traditional signature-based security defenses, such as anti-virus, and permeated around the world, enabling cyber-criminals to easily evade detection and establish connections inside the perimeter of major organizations," FireEye CEO David DeWalt said in a statement. "The FireEye research puts in proper perspective the global pandemic of this new breed of advanced cyber-attacks."
Technology companies are targeted for the theft of intellectual property, sabotage or modification of source code to support further criminal initiatives. FireEye found that CnC servers are hosted in 184 countries, a 41 percent increase when compared to the FireEye findings in 2010 with 130 countries.