Targeted trojan attacks and industrial espionage

Alex Shipp MessageLabs

  download slides (PDF)

Currently our statistics show that over email we are stopping 3,000,000 items of malware a day, of which approximately 7 on average can be classified as a targeted trojan attack. This is less than 0.001% of all malware arriving by email, so should we be worried? Analysis shows that these trojans are predominantly an attempt to get data-stealing software inside an organisation, so perhaps we should.

In this paper I will run through a typical targeted attack, talk about what the attacker is trying to achieve, and how they are trying to achieve it. I will then also look at patterns and trends over the last 12 months, and try to make some predictions for the future.

I will also derive some metrics which can be used to explore if targeted attacks should be high up on a company's risk analysis awareness, even though the number of attacks is small.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.