Targeted attack campaigns in APAC will grow in size and scale in 2015, Trend Micro forecasts. The security firm believes next year will be the time where targeted attacks come of age.
Trend Micro has published a report into attack trends observed in APAC during the first half of 2014.
According to the report. spear-phishing emails are still the most common infection vector for networks, accounting for nearly 80% of targeted attack malware.
Common email attachments used to deliver viral payloads include Office documents and RAR files. Another method used to infiltrate networks involves compromising the websites an organization’s employees commonly visit.
The majority of malware (53%) used in targeted attacks were Trojans or Trojan spyware, followed by backdoors designed to aid in establishing command and control communications.
Notable targeted attack campaigns targeting APAC businesses during the first half included the Siesta campaign, which involved an attack with a payload able to stay dormant to evade detection, and the ESILE campaign targeting APAC government institutions.
“The efficacy of targeted attacks this year so far indicates that organizations still struggle to understand targeted attacks,” Trend Micro general manager for Hong Kong and Taiwan Bob Hung said.
“One possible misconception is that targeted attacks are one-time efforts, whilst in reality they are well-planned and can be launched several times until they successfully compromise intended network targets.”
Trend Micro recommends companies use advanced threat detection technologies and shared intelligence to detect and respond to attacks that can evade detection from standard security products.