11 November 2010
Global computer security firm Symantec Hosted Services said the number of e-mail attacks ahead of this week's meeting of the leaders of the Group of 20 major economic powers in Seoul, South Korea, has increased.
Symantec Hosted Services warns that criminals are looking to exploit the G-20 summit and said that during the past month, the number of e-mail attacks using the global gathering to try to get at unsuspecting targets has tripled.
Martin Lee, a senior software engineer at the computer security firm, said attackers are preying on those in the government and business sectors, who are trying to keep up with what is happening at the summit.
"The idea being is to try and catch the target unawares or just to peek their interest, so that they'll think, 'Oh, hang on, what is this? Why I am getting this special e-mail? Perhaps there is something in here which is really interesting, which I could use to my advantage for my career or for my business,'" said Lee.
Lee says that in the run up to this seek's G-20 summit, attackers have used e-mails with malicious attachments such as one from a phony journalist with subject lines that read: "North Korea may attempt to disrupt G-20 Summit: Seoul Warns."
Lee said one e-mail attack focuses on the latest information about the summit; another promises an e-mail attachment containing a contact list for summit participants.
"And it's that, that the attackers are trying to do. Just raise the interest level of their intended victims, so that they will bite the hook, click on the link, install that malware even though it looks like a totally innocuous document. And at that moment - bang - the attacker has got control of their computer."
Lee says that although the number of attacks is relatively small - about six a day, compared to mass attacks that occur in the hundreds of thousands each day - these targeted attacks are made by what he calls "master craftsmen" who target high-value victims.
"So they can get high-value information on the computers that they infect and get it back home. What they do afterwards with the information, we don't really know. But with the amount of time and the amount of effort and skill in this, it has got to be worth a lot of money to somebody."
Lee adds that attackers have gone to great lengths to make their e-mails look real. He said attackers have hacked into legitimate e-mail servers and the web sites of organizations to make their messages look legitimate.
Symantec Hosted Services said that during the past five years, total high-value targeted attacks have increased significantly from one or two attacks per week to nearly 80 per day.
In the run up to the G-20 meeting, the South Korean government raised its alert level for cyber attacks as a precautionary security measure. It also has expressed interest in getting cyber security on the agenda of the meeting.