The most dangerous online exploit? The one tailored to target your organization.
For cybersecurity researcher Patrik Runald, as for the cybercriminals he spends his work hours tracking, success is measured in volume. Every day, Runald and others at Finnish anti-virus firm F-Secure detect and catalogue around 20,000 new strains of malicious software. Almost every variation is aimed at indiscriminately spreading to as many computers as possible, adding to cybercriminals' hoard of stolen bank passwords or army of hijacked spam-sending PCs.
But a few times a day, Runald and his colleagues spot a malware attack seemingly focused on quality rather than quantity. F-Secure's anti-virus filters routinely turn up highly specific documents infected with hidden programs--embedded code designed to invisibly hijack the machine of any user who opened the file. In recent months, those booby-trapped documents included a draft agenda of an April UNICEF board meeting, a report on the Asian fertilizer market, a Powerpoint presentation titled "Visiting the Food and Drug Administration," and a swine flu response plan comment form.