July 2, 2007 6:29 AM PDT

Top executives face personalized e-mail attacks

Online miscreants have targeted 500 key business executives in what is believed to be the first mass-targeted malicious-software attack, according to security vendor MessageLabs.

Targeted attacks aim to bypass security measures by individually addressing e-mails, which often contain zero-day exploits.

On June 26, MessageLabs intercepted more than 500 individual e-mail attacks targeted at individuals in senior management positions in a variety of organizations around the world. Normally, MessageLabs sees approximately 10 targeted attacks per 200 million e-mails per day, according to Mark Sunner, MessageLabs' chief security analyst.

The malicious e-mails contain the name and job title of the victim in the subject line. The vertical sector most targeted was banking and finance, with chief investment officers being targeted in 30 percent of the attacks, according to Sunner. However, other verticals were also targeted. Eleven percent of the intended victims were chief executive officers, while 6 percent were chief finance officers.

Sunner said the executives being targeted were perhaps "not that tech-savvy." In the attacks, an executable file was embedded in a Microsoft Word document. If the victim opened the document and clicked on a link, the file would have run a data-stealing Trojan horse that relied on creating buffer overflow conditions in Office documents.

MessageLabs said it did not know who had perpetrated the attack. "It's a certainty that some executives were compromised," Sunner said.

The intended victims' spouses and relatives were also targeted by name, in attempt to infect other computers related to the victim. The intent was to indirectly gain access to confidential correspondence and intellectual property relating to the target, MessageLabs said.

Sunner said he suspected that the hackers harvested the information using search and social-networking sites.

"Someone somewhere has really done their homework," Sunner said.

Tom Espiner of ZDNet UK reported from London.

See more CNET content tagged:
MessageLabs Ltd., victim, top executive, attack, finance

8 comments

Join the conversation!
Add your comment
Ever heard of D&B
Summer thinks they may have used search a social netowrking sites...

Why? I can find out who the CEO, CFO, etc. of damn near any company by using any one of D&B's services. If I pretend like I care about their product the Company Reach/Hoovers/etc. salesman will let me test drive their product for a week or more.

Then, it is a matter of using Google to find other connections that might be exploitable.

The Myspace/social networking angle isn't as cost/time-effective as Hoovers and Google.
Posted by phillynets (73 comments )
Reply Link Flag
Why bother with a test drive?
Chances are about 100% that a ton of Windows machines run by businesses are owned by blackhats.

IMO, it's likely they run the D&B searches from them and let their owners pick up the tab.
Posted by rcrusoe (1305 comments )
Link Flag
At the risk of sounding cynical...
At the risk of sounding cynical, if I were PR for MessageLabs and wanted to tell all the C-level executives about my anti-spam and anti-virus message screening services (since they are the decision makers), I'd sure try to give news.com a scare story about targeted attacks on said C-level execs - without following through with any hard facts. Now, I'm new to this cynicism game - how did I do? :-)
Posted by hutchike (157 comments )
Reply Link Flag
At the risk of sounding cynical...
Dude, you are on the doorstep to the side-ways view of the world. You are getting your cynicism, now you have to go to work on your jadedness and you will be complete.
Posted by Grumpyz77 (19 comments )
Link Flag
Poorly done
The moronic C-level execs need a kick in the butt so they get a clue. They seem split between ignorant paranoids who do everything wrong and overconfident twits who believe taking precautions is for hourlies.
Posted by Phillep_H (497 comments )
Link Flag
Responsibility...
If you're gonna use the electronic wizardry of today's buisness world, then you better find out how to make it work for you.

Execs are, for the most part, prima-donnas who don't think they need to understand technology to use it.

Hand them a Blackberry, and they're awed...but don't have the sense to monitor whether the unit's radio is on or off.

And spam mystifies them...they think it's a personal affront to their peaceful existence. Minions are mobilized to attempt to track down the source, etc., etc. Just delete thing and get on with life.

And, don't get me started on laptops in their hands...
Posted by Kings X Rocks! (89 comments )
Reply Link Flag
email unusseful
I get a lot of email unusseful and i can't subcribe.

<a class="jive-link-external" href="http://www.versuri32.com/versuri/oasis/index.php" target="_newWindow">http://www.versuri32.com/versuri/oasis/index.php</a>
<a class="jive-link-external" href="http://www.versuri32.com/versuri/pearl-jam/index.php" target="_newWindow">http://www.versuri32.com/versuri/pearl-jam/index.php</a>
and here
<a class="jive-link-external" href="http://www.versuri32.com/versuri/sasha/index.php" target="_newWindow">http://www.versuri32.com/versuri/sasha/index.php</a>
Posted by versuri32 (3 comments )
Reply Link Flag
I kind of like the idea
There really should be direct, personal consequences to top level managers of companies that engage in socially or environmentally (is there really a difference in the end?) egregious manners.

Too bad it's being misused by common criminals.
Posted by Dr_Zinj (727 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.