Cybercriminals Focus on Spear Phishing Rather Than Traditional Spam

Sue Marquette Poremba
Slide Show

How Not to Look Like a Phish

Seven ideas to keep in mind when crafting corporate email.

Just in time for Independence Day weekend, I got an email from my friends at Cisco, alerting me that we are seeing an independence, of sorts, from spam. The decrease has been happening for a while. Research conducted by Cisco Security Intelligence Operations found the following:


  • Returns from mass email-based attacks declined by more than 50 percent from US$1.1 billion in June 2010 to $500 million in June 2011.
  • Mass spam volumes plummeted from 300 billion daily spam messages to just 40 billion between June 2010 and June 2011.

This matches up with news from earlier in the year, when the Rustock botnet was taken down. However, before we get too excited about the decrease in spam, Cisco warns that cybercriminals are still out there and still busy; they've just refocused their strategy. Replacing traditional mass spam attacks are personalized attacks with a greater financial impact on targeted organizations.


Again, the Cisco report found:


  • Spear-phishing attacks have increased threefold, while scams and malicious attacks have increased fourfold.
  • The overall cost of targeted attacks to organizations worldwide is $1.29 billion annually.

A Cisco release explained the new trend this way:

Like almost all types of cybercrime exploits, the success of targeted attacks relies on technical holes and the all-too-human tendency to misplace trust. Targeted attacks are the most elusive threat to protect against and have the potential to deliver the most potent negative impact. Very low in volume, they focus on a specific individual or group under cover of anonymity provided by specialized botnet distribution channels. Typically, they rely on malware or APTs (Advanced Persistent Threats) to harvest desired data over a period of time. An example of a targeted attack is the infamous Stuxnet worm, which had the potential to severely disrupt industrial computing systems and could traverse non-networked systems, thus placing at risk even systems unconnected to networks or the Internet.

Nick Edwards, director of Cisco's Security Technology Business Unit, added:

Personalized and targeted attacks that focus on gaining access to more lucrative corporate bank accounts and valuable intellectual property are on the rise. Law enforcement efforts are making mass spam attacks less appealing to cybercriminals, who are thus spending more time and effort focusing on different types of spearphishing and targeted attacks.

A blog post at All Spammed Up explained very nicely why enterprise should care about spear phishing - before the Cisco report was released:

Even when used against other companies, spear phishing erodes at and threatens to harm the trust placed in this important communication channel.

In addition, it is also unlikely that all the capabilities exhibited by the alleged state-sponsored hackers are developed internally. There is essentially nothing to prevent these same tools from leaking into the larger hacker underground, or for these highly-skilled and trained professionals from leveraging their skills and tools for personal profit-at the expense of your company.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.