What are the Elements of a Targeted Attack?
A targeted attack requires several steps to be successfully implemented. These are known as “vulnerabilities” on the user’s end, and are typically exploits we have all heard of before. Firstly, there is social engineering, where users are duped by illegitimate software and processes. An example of this would be email phishing, where attackers send fraudulent and malicious emails to gain access to a user’s system and sensitive information.
Additionally, attackers will take extra steps to protect their own identities by using automated frameworks. Remote access toolkits are often used to control a user’s system through remote connections. This allows the attacker to influence the system as if they had direct access to it. Anonymity is key, so a variety of tricks and techniques are employed to ensure their own protection.
What Distinguishes a Targeted Attack from a Regular Attack?
The approach of a targeted attack is often described as either direct or indirect. A direct approach is usually more aggressive in which a high-risk/high-reward strategy is employed for a specific, short-term outcome. An indirect approach, by contrast, is more passive. It is often said to be “hidden” as an attacker might use several layers of cloaking and other techniques which preserves their anonymity and in turn, lowers the risk involved.
A targeted attack is different from your run-of-the-mill cyber crimes which are often less discriminating and more opportunistic. Targeted attacks are narrow in focus and directed toward one place, or a group of places, with a unifying theme. Whether the end goal is an organization or specific industry, the amount of effort involved alone should convince you that a targeted attack is never random.
Examples of Recent Targeted Attacks
You’ve certainly seen targeted attacks in the news. Those sensational ‘data heist’ and ‘cyber robbery’ headlines are often describing attacks that have cost public and private organizations billions of dollars in damages. As a result, more money is being invested into research and development to heighten cybersecurity. The value of data is too high, and the damages too great.
In 2013, retail giant Target was the victim of a massive targeted attack which resulted in the loss of over 40 million credit card numbers, and about 70 million pieces of personal data. This breach was the result of social engineering and cost Target hundreds of millions of dollars in damages.
Sony would fall victim to a targeted attack in the following year. A plethora of sensitive data was released to the public, as well as unreleased films. This attack cost the company tens of millions of dollars in damages. The Democratic People’s Republic of Korea, also known as North Korea, was believed to have carried out the attack in response to a film about Supreme Leader Kim Jong Un. The country has since denied responsibility in the attack.
And in 2015, Ashley Madison, a website which promotes extramarital affairs, was the target of an attack that resulted in over 25GB of stolen data. This data contained the emails, passwords, home addresses and contact information of millions of users. Many personal and professional relationships were compromised, and the results were catastrophic. Few shamed participants even committed suicide. Ashley Madison has since doled out tens of millions in damages for what has become one of the most awkward data leaks in recent history.
How Organizations and People are Protecting Themselves
As targeted attacks become more prevalent, organizations and users alike are taking the precautionary steps to adapt and protect themselves. Best practices are evolving to make it more difficult for a targeted attack to be successful. One such recent development has been the adoption of two-factor authentication, where users are prompted for a randomly generated passcode (after successfully entering their username and password) before they can gain access to a system. New strategies for safeguarding against cyber crime continue to emerge, as no individual or group wants to be the next victim of a targeted attack.