Story image

67b emails rejected due to 'highly malicious attack techniques'

09 Aug 2019
Twitter
Facebook

Cybersecurity firm Mimecast analysed 160 billion emails sent between April and June 2019, and found that 60 billion (approximately 42%) of those were rejected because they displayed ‘highly malicious attack techniques’.

The Mimecast Threat Intelligence Report, which analysed data taken from 34,000 Mimecast customers around the world, revealed two vastly different attack trends. Attackers are using either simple, opportunistic attacks; or complex, targeted attacks based on necessity to impact the target.

There was also a significant increase in impersonation attacks that were leveraging well-known basic social engineering techniques to target individuals for fast and easy financial gain.

The report suggests that actors are adapting how they engage their targeted victims, initiating through email first, then shifting to SMS, which is a less secure communications channel according to Mimecast.

There is also a rising number of complex targeted attacks that use obfuscation, layering and bundling of malware. 

Researchers found that threat actors using these types of attacks are getting to know their target’s security environment, then implementing multiple evasion techniques in efforts to avoid detection.

“The cyber threat landscape will continue to evolve as threat actors continue to look for new ways to bypass security channels to breach their targets,” comments Mimecast vice president of threat intelligence Josh Douglas. 

“We’ve observed malware-centric campaigns becoming more sophisticated, often using different types of malware in different phases of an attack – yet, at the same time very simple attacks are also increasing significantly.”

The report also gives specific examples of emerging threats, active threat campaigns observed, primary threat categories and volume, and the top targeted sectors.

Popular malware campaigns incorporated Emotet, Adwin, Necurs, and Gandcrab malware. 

Additionally, Microsoft Excel was one of the most popular file types used to distribute malicious threats, accounting for 40% of file associations. Microsoft Word files were associated with 15% of threats.

Other key findings from the report:

  • Threat actors are becoming more organised and business-like by implementing subscription and as-a-service-based business models to deliver malware in an effort to reduce their work and improve their return-on-investments
  • Spam is heavily used by threat actors as a conduit to distribute malware. Professional education was the most targeted sector for spam, as they are likely seen as a prime target due to constantly changing student populations that are not likely to have high security awareness and the potential for attackers to get access to personal data
  • Attacks on management & consulting and biotechnology industries accounted for 30% of all impersonation attacks
  • Trojans made up 71% of opportunistic attacks

“The mission of the Threat Intelligence Report is to help organisations better understand the global threat landscape, so they can make more informed decisions on how to strengthen their security posture,” Douglas concludes.

Story image
13 Nov
Microsoft showcases innovations in new Asia Pacific HQ
Almost 145,000 metres of cabling, 200 display screens, 179 Bluetooth beacons and 900 sensors make up Microsoft’s new Asia Pacific headquarters in Singapore, which is now home to the region’s first Microsoft Experience Centre.More
Story image
05 Nov
Microsoft's new security innovations at Ignite 2019
Microsoft 365 and Security corporate vice president Kirk Koenigsbauer outlined 10 major security announcements across Azure, Microsoft 365, Office, and Microsoft Defender ATP. More
Story image
Yesterday
Lack of PCI DSS compliance putting payment security at risk
Organisations across Asia Pacific are demonstrating stronger payments security compliance compared to other parts of the world, however global trends indicate that payments security compliance has dropped for the second year in a row.More
Story image
Yesterday
Palo Alto Networks adds SD-WAN and DLP capabilities to edge networking platform
Prisma Access aims to deliver end-to-end networking and security services from a globally distributed cloud platform.More
Story image
12 Nov
How user-centred design is reshaping cybersecurity
A user-centered design approach starts with users and asking them what they want to gain a deeper understanding of their needs.More
Story image
07 Nov
Worldwide spending on security products and services set to reach $151.2 billion in 2023
"Considering there have been many attempts for hackers to acquire funds from banks, the banking industry is expected to spend the most on security solutions."More