Title
Targeted threat index: characterizing and quantifying politically-motivated targeted malware
Abstract
Targeted attacks on civil society and nongovernmental organizations have gone underreported despite the fact that these organizations have been shown to be frequent targets of these attacks. In this paper, we shed light on targeted malware attacks faced by these organizations by studying malicious e-mails received by 10 civil society organizations (the majority of which are from groups related to China and Tibet issues) over a period of 4 years. Our study highlights important properties of malware threats faced by these organizations with implications on how these organizations defend themselves and how we quantify these threats. We find that the technical sophistication of malware we observe is fairly low, with more effort placed on socially engineering the e-mail content. Based on this observation, we develop the Targeted Threat Index (TTI), a metric which incorporates both social engineering and technical sophistication when assessing the risk of malware threats. We demonstrate that this metric is more effective than simple technical sophistication for identifying malware threats with the highest potential to successfully compromise victims. We also discuss how education efforts focused on changing user behaviour can help prevent compromise. For two of the three Tibetan groups in our study simple steps such as avoiding the use of email attachments could cut document-based malware threats delivered through e-mail that we observed by up to 95%.
Year: 2014
Venue: USENIX Security
Field: Civil society, Internet privacy, Computer security, Computer science, Social engineering (security), Targeted threat, Compromise, Malware, Sophistication
DocType: Conference
Citations: 15
PageRank: 0.80
References: 17
Authors: 8
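| Name | Order | Citations | PageRank |
|---|---|---|---|
| Seth Hardy | 1 | 15 | 0.80 |
| Masashi Crete-Nishihata | 2 | 64 | 5.71 |
| Katharine Kleemola | 3 | 15 | 0.80 |
| Adam Senft | 4 | 39 | 3.00 |
| Byron Sonne | 5 | 15 | 0.80 |
| Greg Wiseman | 6 | 31 | 2.11 |
| Phillipa Gill | 7 | 1504 | 114.56 |
| Ronald Deibert | 8 | 23 | 2.03 |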