What is a Targeted Email Attack?
Japan Pension Service (JPS) announced that they have been hacked and data of about 1.25 million people was leaked. These data include names, address, pension IDs, and birth dates. According to a report, the reason for the leakage was due to an employee opening an attachment from an email which contained a virus. This form of hack is called a targeted email attack.
Targeted Email Attack
“A targeted email attack is a specific attack in which the attacker, through the email channel, tries to persuade a victim to run a specific, apparently innocuous, action.” eLearnSecurity CTO, Domenico Quaranta explains. “Typical actions are: opening a link or an attachment and downloading & installing a software. More sophisticated attacks could take advantages of software vulnerabilities which do not require user interaction.”
Kyodo News reports that the emails opened by employees of JPS had the subject line, “Regarding the Review of the Employee’s Pension Fund (Draft)”. It was exactly the same as the file that the Health, Labor and Welfare Ministry uploaded on its website in February 2013.
Domenico adds, “Stealing information and gaining the control of the target machine are only few examples of what this attack can bring. According to IT researching firm, Gartner, the email is still the preferred channel to conduct advanced target attacks.”
Toichiro Mizushima, president of Japan Pension Service, issued an apology for the cyberattack and have set high priority on securing the public’s pensions.
Role of Security Awareness
Security awareness plays a key role in this context and it should include everyone in a organization. For example every employee should be informed about the risk related to each incoming email message. This should be done on a regular basis and not just a one-time activity.
A good security awareness program not only informs employees of existing issues, but actually educate them on assessing the security implications of various work scenarios and applying security best practices as they go on their job’s daily duties.
Domenico has joined eLearnSecurity since day 0 and serves as CTO and Tech lead of all the R&D projects. He has authored all the new materials appearing in WAPT course and over 30 new labs in the Coliseum.