A second look at Flamer, targeted attacks in the first half of 2012, and how attackers attempt targeted attacks

This month we conclude our findings on the recent W32.Flamer threat. We show how there is a connection to Stuxnet and Duqu, discuss what we know about who may have created the threat, and highlight more information about what the threat can do.

We also take another look at targeted attacks in general to see what has changed since we last analyzed them in detail. We show how attacks have increased in the first half of 2012, what sectors are being targeted, and how there has been a shift in the size of companies that are being targeted.

Finally, we look in-depth at an attempted targeted attack recently carried out against a company in the aerospace industry. Breaking the attack down, we look at how the attackers attempt to entice employees in the company into launching malicious code that would give them access to the company’s network, and what they could have done had the attack been successful.

I hope you enjoy reading this month’s edition of the report, and please feel free to contact me directly with any comments or feedback.