Canadian Manufacturing

Hackers going ‘old-school’ when trying to steal your data, says report

Malicious software practices from the 1990s are experiencing a resurgence, says a data security firm

April 9, 2015  by David Friend, The Canadian Press

SAN DIEGO, Calif.—Some of the most familiar tricks from the hacker playbook are taking on another life, according to a new report that suggests junk emails have once again become a security threat.

Websense, a U.S.-based firm which monitors data theft in the business community, says malicious software practices from the 1990s are experiencing a resurgence in popularity with criminals.

Think of the days when companies warned their employees not to open email attachments because they risked exposing the entire computer system to security vulnerabilities.

While that might seem like another technology era to many people, the risk of computer users falling victim to these “old school” tactics has spiked, Bob Hansmann, director of product marketing at Websense, said in an interview.


Websense’s annual Threat Report suggests that hackers are adopting new variations of the email attachment attack that challenge even the most secure corporate systems.

The way it works is unsuspecting users open an email attachment that seems legitimate, such as a Microsoft Word document or Excel spreadsheet that looks like it was sent by a colleague. The file then unleashes “macro code” which instructs the computer to contact a website and download an executable file that makes the machine vulnerable to security attacks without the user even knowing it.

While these types of attacks seemed to be mostly resolved for years, many IT departments have shifted their focus to other security priorities, which puts them at greater risk, Hansmann said.

“We took our eye off of it,” he said. “The trouble with security is there’s so many things we need to watch.”

At one time, macro viruses were primarily used by computer experts, but the Websense report said a variety of tools now now being created by “specialized threat-kit brokers” who then buy or subcontract the technology to outsiders.

“Macro viruses came in 1995 and died off rather quickly, so seeing those things all of the sudden being used in new ways … is making it very difficult for security solutions,” said Hansmann.

Some corporate internal security systems are so modern they don’t even search for macro code violations, he added.

The Websense report suggested that businesses reconsider the role email can play in security attacks.

Last year, Websense said it found 81 per cent of all email scanned by its services was identified as “unwanted,” which was a 25 per cent jump from 2013.

The company said that of the 11,000 businesses it services, Websense detected 28 per cent of malicious email messages before most antivirus monitors notified their computer software programs. That left computers exposed for about 17.5 hours on average, Websense suggested.