sb-eu logo
Story image

67b emails rejected due to 'highly malicious attack techniques'

09 Aug 2019

Cybersecurity firm Mimecast analysed 160 billion emails sent between April and June 2019, and found that 60 billion (approximately 42%) of those were rejected because they displayed ‘highly malicious attack techniques’.

The Mimecast Threat Intelligence Report, which analysed data taken from 34,000 Mimecast customers around the world, revealed two vastly different attack trends. Attackers are using either simple, opportunistic attacks; or complex, targeted attacks based on necessity to impact the target.

There was also a significant increase in impersonation attacks that were leveraging well-known basic social engineering techniques to target individuals for fast and easy financial gain.

The report suggests that actors are adapting how they engage their targeted victims, initiating through email first, then shifting to SMS, which is a less secure communications channel according to Mimecast.

There is also a rising number of complex targeted attacks that use obfuscation, layering and bundling of malware. 

Researchers found that threat actors using these types of attacks are getting to know their target’s security environment, then implementing multiple evasion techniques in efforts to avoid detection.

“The cyber threat landscape will continue to evolve as threat actors continue to look for new ways to bypass security channels to breach their targets,” comments Mimecast vice president of threat intelligence Josh Douglas. 

“We’ve observed malware-centric campaigns becoming more sophisticated, often using different types of malware in different phases of an attack – yet, at the same time very simple attacks are also increasing significantly.”

The report also gives specific examples of emerging threats, active threat campaigns observed, primary threat categories and volume, and the top targeted sectors.

Popular malware campaigns incorporated Emotet, Adwin, Necurs, and Gandcrab malware. 

Additionally, Microsoft Excel was one of the most popular file types used to distribute malicious threats, accounting for 40% of file associations. Microsoft Word files were associated with 15% of threats.

Other key findings from the report:

  • Threat actors are becoming more organised and business-like by implementing subscription and as-a-service-based business models to deliver malware in an effort to reduce their work and improve their return-on-investments
  • Spam is heavily used by threat actors as a conduit to distribute malware. Professional education was the most targeted sector for spam, as they are likely seen as a prime target due to constantly changing student populations that are not likely to have high security awareness and the potential for attackers to get access to personal data
  • Attacks on management & consulting and biotechnology industries accounted for 30% of all impersonation attacks
  • Trojans made up 71% of opportunistic attacks

“The mission of the Threat Intelligence Report is to help organisations better understand the global threat landscape, so they can make more informed decisions on how to strengthen their security posture,” Douglas concludes.

Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
OT networks warned of vulnerabilities in CodeMeter software
Manufacturers using the Wibu-Systems CodeMeter third-party licence management solution are being urged to remain vigilant and to urgently update the solution to CodeMeter version 7.10.More
Story image
Spending on managed security services in A/NZ to grow despite COVID headwinds
COVID-19 has changed security priorities significantly, and managed security services in A/NZ are set to benefit. More
Story image
Emotet malware is on a rampage after months of silence
CERT agencies around the world are reporting a surge in cyber attacks related to the Emotet malware, which is being distributed by email.More