Many highly publicized attacks have been based on a tactic called "spear-phishing, " where email users are tricked into opening a legitimate-sounding message that contains code called malware that lets attackers penetrate corporate networks.
This action follows a February attempt to exploit my name and my book as part of a spearphishing attack launched at .mil and .gov email accounts (see here and here), but this is not a new focus area for me or for my GreyLogic colleagues.
They have not been able to establish how exactly the hackers broke into the system, but believe it may have been through a so-called spear-phishing attack, where an employee clicked on an email or link containing malicious code.