There was no let up in so-called targeted attacks by cyber criminals this month across all sectors and geographies, according to the October 2010 MessageLabs Intelligence Report of Symantec. While some types of attacks saw marginal decreases, the report noted that the threats remain.
Globally, attacks increased to 77 attacks per day from only one to two attacks per week five years ago when the attacks were first discovered. Among the different types of security attacks, from e-mails to website and domain attacks, e-mail attacks were lower in volume but are "one of the most damaging types of malicious attacks", said MessageLabs Intelligence senior analyst Paul Wood.
Wood added: "Although the number of unique attack exploits being deployed has diminished slightly, the number of attacks used by each exploit has increased."
Spam attacks decreased 4.2 per cent from last month to 87.5 per cent while viruses decreased 0.01 percentage points to one in 221.9 e-mails. Phishing attacks also decreased 0.06 percentage points to one in 488 e-mails.
Countries in Asia experienced a similar trend. Hong Kong posted highest spam rates at 92.4 per cent in October from 92.7 per cent. India had the highest virus rate with one in 84.8 e-mails from one in 177.1 last month.
Across industries, MessageLabs noted an increase in attacks in a particular industry, retail.
"For the first time, targeted attacks hit the retail sector hardest this month where they increased from a steady monthly average of 0.5 per cent of all attacks over the past two years to 25 per cent in October characterised by a retail organisation that was the intended recipient of three waves of highly targeted spear phishing attacks. In October, 1 in 1.26 million e-mails comprised a targeted attack," the report stated.
The attacks in the industry also targeted specific operational units, human resources and IT.
"The spear phishing attacks, launched in three waves each one week apart, used social engineering techniques to distribute legitimate-looking e-mails from HR and IT staff of the targeted organisation but in actuality contained malicious attachments," said MessageLabs.
The report theorized that the attackers might be trying to steal client information from the retail industry.
One unidentified large retailer was attacked 324 attacks (63 per cent) of the total 516 attacks last month.
MessageLabs said the attack on any particular industry may happen any time. "This month it was the turn of the retail sector to be subjected to a persistent series of targeted attacks, but next month it may well be your business," the report read.