Mimecast Ltd., Lexington, Mass., released its quarterly report, “Threat Intelligence Report: Risk and Resilience Insights,” which provides technical analysis and observations of evolving threats from the Mimecast Threat Center from July to September.
The Mimecast Threat Intelligence Report includes analysis of 207 billion emails processed by Mimecast, 99 billion of which were rejected. This research looks through the lens of spam, impersonation, opportunistic and targeted. This quarter’s report found that impersonation attacks are on this rise, accounting for 26% of total detections, and now includes voice phishing or “vishing,” where threat actors use social engineering to gain access to personal and financial information via the victim’s telephone system.
While the report uncovered a mixture of simple, low effort and low-cost attacks, the data highlights complex, targeted campaigns leveraging a variety of vectors and lasting several days. These sophisticated attacks are likely carried out by organized and determined threat actors, employing obfuscation, layering, exploits and encryption to evade detection. Additionally, throughout the research, it was clear three industries were targeted the most by cyberattacks— transportation, where state-sponsored threat actors seek to disrupt the logistical and supply capability of rivals, and banking and legal, which are industries rich with sensitive information.
“Threat actors seek numerous ways into an organization—from using sophisticated tactics like voice phishing and domain spoofing to simple attacks like spam,” says Josh Douglas, vice president of threat intelligence. “This quarter’s research found that the majority of threats were simple, sheer volume attacks. Easy to execute, but not as easy to protect against, as it shines a very bright light on the role human error could play in an organization’s vulnerability. Organizations need to take a pervasive approach to email security—one that integrates the right security tools allowing for greater visibility at, in and beyond the perimeter. This approach also requires educating the last line of defense – employees. Coupling technology with a force of well-trained human eyes will help organizations strengthen their security postures to defend against both simple and sophisticated threats.”
Of the 207 billion emails processed, there were 25 significant malware campaigns identified this quarter. The campaigns observed range from simple phishing campaigns to multi-vector campaigns alternating file types and attack vector, types of malware and vulnerabilities.
Additional key findings outlined in the report include:
- The majority of attacks are less sophisticated, high-volume attacks, due to the ease of access for any individual to launch an attack and employees still clicking on malicious links.
- ZIP files accounted for 34% of file compression format attacks, consistently the most detected format due to reliance on human error.
- Researchers detected a complex range of malware, some of which has been around for many years, in addition to new threats. Malware threats are increasingly automated.
- Top sectors targeted this quarter include transportation, storage, delivery, banking and legal.