Transportation, Legal and Banking Sectors Hit the Hardest by Cyberattacks, According to New Mimecast Report
Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced the availability of its quarterly Threat Intelligence Report: Risk and Resilience Insights. The report provides technical analysis from the Mimecast Threat Center from July -September 2019 on the nature of attack campaigns in addition to observations and analysis of evolving threats. Outlining the trends emerging from these identified attacks and assessing the current behavior of threat actors can help organizations better understand the impact these factors will have on the cybersecurity landscape in 2020.
The Mimecast Threat Intelligence Report includes analysis of 207 billion emails processed by Mimecast, 99 billion of which were rejected. The report keeps organizations informed on the threats that are targeting their industries, so they can better prepare for, and protect themselves against threats inside, at and beyond the perimeter. This research looks through the lens of the four main categories of attack types discovered in the quarter: spam, impersonation, opportunistic, and targeted. This quarter’s report found that impersonation attacks are on this rise, accounting for 26% of total detections – and now includes voice phishing or “vishing,” an advanced attack observed in this quarter, where threat actors use social engineering to gain access to personal and financial information via the victim’s telephone system.
Of the 207 billion emails processed, there were 25 significant malware campaigns identified this quarter which incorporated Azorult, Hawkeye, Nanocore, Netwired, Lokibot, Locky and Remcos. The campaigns observed range from simple phishing campaigns to multi-vector campaigns alternating file types and attack vector, types of malware and vulnerabilities. All the analysis discovered in the report is fed back into Mimecast engineering to enhance cloud-based security services, improving customer’s cyber resilience and helping them avoid disruptions to their business
Additional key findings outlined in the report –
- The majority of attacks are less sophisticated, high volume attacks – due to the ease of access for any individual to launch an attack and employees still clicking on malicious links
- ZIP files accounted for 34% of file compression format attacks – consistently the most detected format due to reliance on human error
- Researchers detected a complex range of malware, some of which has been around for many years, in addition to new threats. Malware threats are increasingly automated.
- Top sectors targeted this quarter: transportation, storage and delivery, banking and legal
For the full Threat Intelligence Report, visit here.