The email and data security company Mimecast has released its quarterly Threat Intelligence Report: Risk and Resilience Insights, revealing that the transportation, legal and banking sectors were hit the hardest by cyberattacks during the third quarter of 2019.
The report provides technical analysis from the Mimecast Threat Center from July to September during which time the firm processed 207bn emails, of which 99bn were rejected due to security concerns.
Mimecast’s research was focused on observing attack types discovered this quarter through the lens of four main categories: spam, impersonation, opportunistic and targeted. The report found that impersonation attacks are on the rise and they accounted for 26 percent of total detections. However, this category of attacks now also includes voice phishing or “vishing” and this advanced attack uses social engineering to gain access to personal and financial information using the calling capabilities of a victim’s smartphone.
Although Mimecast’s report discovered many low effort and low-cost attacks targeting its customers, the data also revealed that cybercriminals are launching targeted campaigns which leverage a variety of vectors and last for several days. These sophisticated attacks are likely carried out by organized and determined threat actors who employ obfuscation, layering, exploits and encryption to evade detection.
Volume over sophistication
Of the 160bn emails processed by Mimecast, there were 19 significant malware campaigns identified this quarter including Azorult, Hawkeye, Nanocore, Netwired, Lokibot, Locky and Remcos. The campaigns observed by the firm range from simple phishing campaigns to multi-vector campaigns that alternated file types, attack vector, types of malware and vulnerabilities.
Overall the majority of attacks that took place in Q3 were less sophisticated, high volume attacks and this because these kinds of attacks can be launched by any individual and require less resources to carry out.
Additionally, Mimecast found that ZIP files accounted for 34 percent of file compression format attacks and these attacks are the most detected due to their reliance on human error.
Vice president of threat intelligence at Mimecast, Josh Douglas provided further insight on the report’s findings, saying:
“Threat actors seek numerous ways into an organization – from using sophisticated tactics, like voice phishing and domain spoofing, to simple attacks like spam. This quarter’s research found that the majority of threats were simple, sheer volume attacks. Easy to execute, but not as easy to protect against as it shines a very bright light on the role human error could play in an organization’s vulnerability. Organizations need to take a pervasive approach to email security – one that integrates the right security tools allowing for greater visibility at, in and beyond the perimeter. This approach also requires educating the last line of defence – employees. Coupling technology with a force of well-trained human eyes will help organizations strengthen their security postures to defend against both simple and sophisticated threats.”