Targeted attack is a type of cyberattack that usually involves the collection of information about a specific target company, individual, or system. The data acquired is then used to craft the attack to be specifically tailored to that target in order to breach its security. Targeted attacks often use malware such as ransomware or phishing to gain access to a network, system, or data.
Targeted attackers may be motivated by profit, espionage, or political gain. Private companies may be targeted to access sensitive data which can be monetized. Government entities may be targeted to gain access to national security information. Individuals have also been targeted using ransomware or releasing stolen data in a form of extortion.
Targeted attacks are highly dangerous due to their targeted and tailored nature. To counter targeted attacks, impact assessment can be used in order to analyze a company’s security posture and vulnerabilities, as well as to study past attacks with an aim towards discovering patterns. Companies should also consider investing in solutions such as firewall systems, anti-malware programs, and detection tools in order to prevent and detect targeted attacks.