
67b emails rejected due to 'highly malicious attack techniques'

09 Aug 2019

Cybersecurity firm Mimecast analysed 160 billion emails sent between April and June 2019, and found that 60 billion (approximately 42%) of those were rejected because they displayed ‘highly malicious attack techniques’.

The Mimecast Threat Intelligence Report, which analysed data taken from 34,000 Mimecast customers around the world, revealed two vastly different attack trends. Attackers are using either simple, opportunistic attacks or complex, targeted attacks, depending on what is needed to impact the target.

There was also a significant increase in impersonation attacks that leverage well-known, basic social engineering techniques to target individuals for fast and easy financial gain.

The report suggests that actors are adapting how they engage their targeted victims, initiating through email first, then shifting to SMS, which is a less secure communications channel according to Mimecast.

There is also a rising number of complex targeted attacks that use obfuscation, layering and bundling of malware. 

Researchers found that threat actors using these types of attacks are getting to know their target’s security environment, then implementing multiple evasion techniques in efforts to avoid detection.

“The cyber threat landscape will continue to evolve as threat actors continue to look for new ways to bypass security channels to breach their targets,” comments Mimecast vice president of threat intelligence Josh Douglas. 

“We’ve observed malware-centric campaigns becoming more sophisticated, often using different types of malware in different phases of an attack – yet, at the same time very simple attacks are also increasing significantly.”

The report also gives specific examples of emerging threats, active threat campaigns observed, primary threat categories and volume, and the top targeted sectors.

Popular malware campaigns incorporated Emotet, Adwin, Necurs, and Gandcrab malware. 

Additionally, Microsoft Excel was one of the most popular file types used to distribute malicious threats, accounting for 40% of file associations. Microsoft Word files were associated with 15% of threats.

Other key findings from the report:

  • Threat actors are becoming more organised and business-like, implementing subscription and as-a-service business models to deliver malware in an effort to reduce their work and improve their return on investment
  • Spam is heavily used by threat actors as a conduit to distribute malware. Professional education was the most targeted sector for spam, as it is likely seen as a prime target due to constantly changing student populations that are not likely to have high security awareness, and due to the potential for attackers to get access to personal data
  • Attacks on management & consulting and biotechnology industries accounted for 30% of all impersonation attacks
  • Trojans made up 71% of opportunistic attacks

“The mission of the Threat Intelligence Report is to help organisations better understand the global threat landscape, so they can make more informed decisions on how to strengthen their security posture,” Douglas concludes.
