Communications of the ACM
Researchers Aim to Thwart Targeted Cyberattacks
Professor Engin Kirda and his collaborators have developed advanced malware detection software that can protect against targeted attacks, which represent the growing majority of cyberespionage taking place today.
Credit: Brooks Canaday
Northeastern University researchers are studying a series of sophisticated attacks via email against the World Uyghur Congress (WUC), a Chinese nongovernmental organization.
The researchers found the language and subject matter of malicious emails were specifically tailored to appear friendly, in which the sender was impersonating someone else to lure the recipient into opening an attachment.
As part of the study, two volunteers from the WUC donated more than 1,000 suspicious emails that were also sent to more than 700 unique email addresses.
The researchers used new software and other methods to discover that social engineering was important to the attackers' ability to gain access to victims' accounts, and the suspicious emails were sent from compromised accounts within the company or contained email addresses that differed from friendly addresses by a single character or two. They also found the malware delivery vectors were most often attached documents rather than ZIP files or EXE files. The malware delivered to the victims also was similar to that used in other recent targeted attacks, rather than representing zero-day malware.
Northeastern professor Engin Kirda says understanding these types of attacks is important to developing software that can protect against them.
From Northeastern University News
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found