May 5, 2015
Cybercriminals are increasingly copying cyberespionage groups in using targeted attacks against their victims instead of large-scale, indiscriminate infection campaigns.
This change in tactics has been observed among those who launch attacks, as well as those who create and sell attack tools on the underground market.
A recent example of such behavior was seen in a cybercriminal attack against vendors of point-of-sale systems that researchers from RSA <http://www.csoonline.com/article/2912684/network-security/hot-security-products-at-rsa-2015.html> documented last week.
The attackers sent emails to specific vendors impersonating small businesses such as restaurants. This technique, known as spear-phishing, is typically associated with advanced persistent threats (APTs) — highly targeted, customized attacks whose goal is usually long-term cyberespionage.