Senior OZ Executives & Government Officals Targeted By Hackers
The scam, known as spear phishing, was used in a bid to get passwords of Gmail accounts so they could be monitored. The targeted attack was also used by hackers to compromise e-mail accounts of top US officials.
Dan Kaminsky, chief scientist at security firm DKH, said:”What is happening more and more is the targeting of a couple of high value individuals with the one goal of acquiring valuable information and valuable data,” said
He told the BBC that via a small number of customised messages it tries to trick people into visiting a web page that looks genuine so users type in login names.
Such attacks are often aimed at top government officials or chief executives of top 100 Companies.
Such attacks are not new, he claims, but they are becoming more commonplace.
“The most interesting information is concentrated in the accounts of a few people,” he said. “Attackers using information to impersonate the users is at epidemic proportions and why computer security is in the state it is in.”
In March, security firm RSA was hit by a sophisticated spear-phishing attack that succeeded despite only two attacking e-mails being sent. The phishing e-mail had the subject line “2011 Recruitment Plan” and contained a booby-trapped spreadsheet.
The founder of the site is technologist and researcher Mila Parkour who said the method used in this attack was “far from being new or sophisticated”.
The RSA attack involved two e-mails sent to a small group of high-value individuals.
She told the BBC she was first alerted to the problem by one individual back in February. She would not reveal their name or position.
Google said that among those targeted were senior government officials, military personnel, journalists, Chinese political activists and officials in several Asia Pacific countries.