Home CioAxis Trojans Make up 71% of Opportunistic Attacks: Mimecast

Trojans Make up 71% of Opportunistic Attacks: Mimecast

by CIO AXIS

Mimecast has launched its first Threat Intelligence Report: Black Hat Edition 2019, which provides technical analysis of emerging threats identified as attempts to get through the security environment of Mimecast customers.

Within the report, Mimecast Threat Center researchers outline tactics and techniques of emerging threats, active threat campaigns observed, primary threat categories and volume, and the top targeted sectors.

Researchers also offer their insights into how the threat landscape may change over the next 6-18 months based on observations made during this time.

There are two opposing themes that ran through their analysis: attackers are using either (1) simple, opportunistic attacks or (2) complex, targeted attacks based on necessity to impact the target.

The Threat Intelligence Report covers the period between April and June 2019 and leverages the processing of nearly 160 billion emails, 67 billion of which were rejected for displaying highly malicious attack techniques.

According to the Mimecast report, a significant increase in impersonation attacks was observed, leveraging well-known basic social engineering techniques to target individuals for fast and easy financial gain. Interestingly, the report cites that threat actors are adapting how they engage their targeted victims, initiating through email first, then shifting to SMS, a less secure communications channel.

On the other hand, an increasing amount of more complex targeted attacks using obfuscation, layering and bundling of malware were often used. Researchers found that threat actors using these types of attacks are familiarizing themselves with their target’s security environment, then implementing multiple evasion techniques in efforts to avoid detection.

The report also gives specific examples of emerging threats, active threat campaigns observed, primary threat categories and volume, and the top targeted sectors. A large number of known malware campaigns were observed, including ones incorporating Emotet, Adwin, Necurs, and Gandcrab malware. Microsoft Excel was one of the most popular file types used to distribute malicious activity, as more than 40% of threats detected were using files associated with it. File types associated with Microsoft Word were seen in nearly 15% of threats.

“The cyberthreat landscape will continue to evolve as threat actors continue to look for new ways to bypass security channels to breach their targets. We’ve observed malware-centric campaigns becoming more sophisticated, often using different types of malware in different phases of an attack – yet, at the same time very simple attacks are also increasing significantly,” said Josh Douglas, vice president of threat intelligence at Mimecast. “The mission of the Threat Intelligence Report is to help organizations better understand the global threat landscape, so they can make more informed decisions on how to strengthen their security posture.”

The report says that threat actors are becoming more organized and business-like by implementing subscription and as-a-service-based business models to deliver malware in an effort to reduce their work and improve their return-on-investments.

The report revealed that Trojans made up 71% of opportunistic attacks and that spam is heavily used by threat actors as a conduit to distribute malware. Professional Education was the most targeted sector for spam, as they are likely seen as a prime target due to constantly changing student populations that are not likely to have high security awareness and the potential for attackers to get access to personal data.

Another key finding of the Mimecast report is that attacks on Management & Consulting and Biotechnology industries accounted for 30% of all impersonation attacks.

 

 

Recommended for You

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Close Read More

See Ads