Mimecast has made its quarterly Threat Intelligence Report: Risk and Resilience Insights available. The report provides technical analysis from the Mimecast Threat Center from July -September 2019 on the nature of attack campaigns, observations and analysis of evolving threats.
The Mimecast Threat Intelligence Report includes analysis of 207 billion emails processed by Mimecast, 99 billion of which were rejected. The report keeps organizations informed on the threats that are targeting their industries, so they can brace themselves against threats.
This research focused predominantly on four types of attacks: spam, impersonation, opportunistic and targeted. This quarter’s report found that impersonation attacks such as voice phishing or “vishing” are on this rise, accounting for 26% of total detections. The outcome of the research also clearly indicates that banking, legal and transportation industries were the prime targets.
“Threat actors seek numerous ways into an organization – from using sophisticated tactics, like voice phishing and domain spoofing, to simple attacks like spam,” said Josh Douglas, vice president of threat intelligence at Mimecast. “This quarter’s research found that the majority of threats were simple, sheer volume attacks. Easy to execute, but not as easy to protect against as it shines a very bright light on the role human error could play in an organization’s vulnerability. Organizations need to take a pervasive approach to email security – one that integrates the right security tools allowing for greater visibility at, in and beyond the perimeter. This approach also requires educating the last line of defence – employees. Coupling technology with a force of well-trained human eyes will help organizations strengthen their security postures to defend against both simple and sophisticated threats.”
Of the 207 billion emails processed in this quarter, 25 significant malware orchestrations were using Azorult, Hawkeye, Nanocore, Netwired, Lokibot, Locky and Remcos.
All the analysis discovered in the report is fed back into Mimecast engineering to enhance cloud-based security services to improve customer’s cyber resilience and help them avoid disruptions.