    Cyber-Attacks Growing More Sophisticated, Targeting IT Firms

    By Nathan Eddy - April 23, 2013

      Technology organizations are among the most frequently attacked by cyber-criminals and the majority of Advanced Persistent Threat (APT) attacks—89 percent—are associated with tools developed and disseminated by Chinese hacker groups, according to cyber-security specialist FireEye’s “The Advanced Cyber-Attack Landscape” report.

      The report found 184 nations house communication hubs, or command-and-control (CnC) servers, with Asia and Eastern Europe accounting for the majority of activity. CnC servers are used heavily during the life cycle of an attack to maintain communication with an infected machine by way of callbacks, enabling the attacker to download and modify malware to evade detection, extract data or expand an attack within a target organization.

      FireEye drew the data from more than 12 million callback events from 184 countries that were blocked and logged during 2012 by the FireEye platform, which is deployed behind firewalls, intrusion prevention systems (IPS), anti-virus (AV) and other security gateways, across thousands of user appliances.

      “The threat landscape has evolved, as cyber-threats have outpaced traditional signature-based security defenses, such as anti-virus, and permeated around the world, enabling cyber-criminals to easily evade detection and establish connections inside the perimeter of major organizations,” FireEye CEO David DeWalt said in a statement. “The FireEye research puts in proper perspective the global pandemic of this new breed of advanced cyber-attacks.”

      Technology companies are targeted for theft of intellectual property, sabotage, or modification of source code to support further criminal initiatives. FireEye found that CnC servers are hosted in 184 countries, a 41 percent increase over the 130 countries in FireEye's 2010 findings.

      Worryingly, attackers are increasingly sending initial callbacks to servers within the same nation in which the target resides. This approach not only improves evasion for the cyber-criminals but it also gives organizations a strong indicator of which countries are most interesting to attackers, the report said. To further evade detection, CnC servers are leveraging social networking sites such as Facebook and Twitter for communicating with infected machines.

      “In order to appear as normal network traffic and evade network deep packet inspection technologies, attackers now embed commands or stolen information within files that look standard, such as JPGs,” the report warned. “Depending on your organization’s industry and location, the scope, frequency and nature of attacks your organization encounters can vary substantially. By assessing callback information, you can begin to take a more realistic look at the threats your organization will likely face, and the steps needed to guard against these attacks.”

      The study follows a report last week from security specialist Lookout, which issued an alert that a new malware family, BadNews, was found in the Google Play Store in 32 applications, from four different developer accounts. BadNews masquerades as an innocent, if somewhat aggressive, advertising network. It uses its ability to trigger application installation prompts and display fake news messages in order to push out other types of monetization malware and promote affiliated apps.

      “BadNews is a significant development in the evolution of mobile malware, because it has achieved very wide distribution by using a server to delay its malicious behavior–in fact, this is the highest distribution Lookout has ever seen,” the advisory stated.

      Nathan Eddy
      A graduate of Northwestern University's Medill School of Journalism, Nathan was previously the editor of gaming industry newsletter FierceGameBiz and has written for various consumer and tech publications including Popular Mechanics, Popular Science, CRN, and The Times of London. Currently based in Berlin, he released his first documentary film, The Absent Column, in 2013.
