sb-nz logo
Story image

67b emails rejected due to 'highly malicious attack techniques'

09 Aug 2019

Cybersecurity firm Mimecast analysed 160 billion emails sent between April and June 2019, and found that 60 billion (approximately 42%) of those were rejected because they displayed ‘highly malicious attack techniques’.

The Mimecast Threat Intelligence Report, which analysed data taken from 34,000 Mimecast customers around the world, revealed two vastly different attack trends. Attackers are using either simple, opportunistic attacks; or complex, targeted attacks based on necessity to impact the target.

There was also a significant increase in impersonation attacks that were leveraging well-known basic social engineering techniques to target individuals for fast and easy financial gain.

The report suggests that actors are adapting how they engage their targeted victims, initiating through email first, then shifting to SMS, which is a less secure communications channel according to Mimecast.

There is also a rising number of complex targeted attacks that use obfuscation, layering and bundling of malware. 

Researchers found that threat actors using these types of attacks are getting to know their target’s security environment, then implementing multiple evasion techniques in efforts to avoid detection.

“The cyber threat landscape will continue to evolve as threat actors continue to look for new ways to bypass security channels to breach their targets,” comments Mimecast vice president of threat intelligence Josh Douglas. 

“We’ve observed malware-centric campaigns becoming more sophisticated, often using different types of malware in different phases of an attack – yet, at the same time very simple attacks are also increasing significantly.”

The report also gives specific examples of emerging threats, active threat campaigns observed, primary threat categories and volume, and the top targeted sectors.

Popular malware campaigns incorporated Emotet, Adwin, Necurs, and Gandcrab malware. 

Additionally, Microsoft Excel was one of the most popular file types used to distribute malicious threats, accounting for 40% of file associations. Microsoft Word files were associated with 15% of threats.

Other key findings from the report:

  • Threat actors are becoming more organised and business-like by implementing subscription and as-a-service-based business models to deliver malware in an effort to reduce their work and improve their return-on-investments
  • Spam is heavily used by threat actors as a conduit to distribute malware. Professional education was the most targeted sector for spam, as they are likely seen as a prime target due to constantly changing student populations that are not likely to have high security awareness and the potential for attackers to get access to personal data
  • Attacks on management & consulting and biotechnology industries accounted for 30% of all impersonation attacks
  • Trojans made up 71% of opportunistic attacks

“The mission of the Threat Intelligence Report is to help organisations better understand the global threat landscape, so they can make more informed decisions on how to strengthen their security posture,” Douglas concludes.

Story image
Ransomware and Microsoft Exchange attacks surging 
There are global surges in ransomware attacks alongside increases in cyber attacks targeting Microsoft Exchange Server vulnerabilities, according to Check Point Research.More
Story image
IT leaders prioritising automation, Zero Trust and API-based security investments
"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fuelled explosion in distributed and remote work has created a perfect storm for network security teams."More
Story image
Pandemic sees organisations of all sizes and industries invest in CTI
There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.More
Story image
Mobile devices biggest enterprise security threat - report
Businesses have left themselves vulnerable and open to cyber criminals in the rush to ensure their workforce could operate remotely during the Covid-19 pandemic.More
Story image
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Story image
Almost a third of malware threats previously unknown - HP report
A new report has found 29% of malware captured was previously unknown due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection. More