Latest Mimecast research finds threat actors more motivated by money than intelligence or IP

Thursday 6 August 2020 12:56 CET | News

Mimecast has launched a report that provides technical analysis of US targeted attacks that attempted to infiltrate the security environment of Mimecast customers. 

According to the press release, the report, called ‘Threat Intelligence Report: Black Hat U.S.A. Edition 2020’,  unveils two main trends throughout the analysis: the desire for attacker’s monetary gain and a continued reliance on COVID-19-related campaigns – especially within certain vertical industries. 

Moreover, the majority of attacks seen by the Mimecast Threat Center during this period were simple, high volume forms of attacks, such as spam and phishing that is likely a reflection of the ease of access to tools and kits available online. As the attacks progressed, exploits evolved to more potent forms of malware and ransomware with the attacker’s goal appearing to be monetary gain.

Key findings within the report include:
  • Threat actors go where the money flows: The attacks from January-June 2020 incorporated a vast array of threats, including Azorult, Barys, Cryxos, Emotet, Hawkeye, Lokibot, Nanocore, Nemucod, Netwired, Remcos, Strictor, and ZLoader, and involved a combination of mass generic Trojan delivery with phishing campaigns with the goal of monetary gain.

  • Industries that remained opened during the pandemic where the most affected: Manufacturing, retail/wholesale, finance, and insurance were the most affected industries. In addition, the media and publishing sector suffered high volumes of impersonation attacks (48.4 million detections), potentially was a vehicle to spread disinformation across the US.

  • Organisations are at a higher risk of being attacked by ransomware: Researchers found that it is highly likely that US businesses are at risk of ransomware attacks, due to threat actors’ efforts towards the high volume, opportunistic attack of multiple verticals. The circumstances of the pandemic make organisations more vulnerable to ransomware, so it will likely remain a significant threat for the second half of 2020.

  • Impersonation attacks continue to accelerate: The volume of sender impersonation attacks increased by 24% between January and June 2020 to nearly 46 million per month.  

The ‘Mimecast Threat Intelligence Report: Black Hat U.S.A. Edition’ provides analysis of 195 billion emails processed by Mimecast for its customers during the period of January through June 2020, 92 billion of which were rejected (47%) for being malicious or spam. Four primary threat categories were analysed in this report: spam, impersonation attacks, opportunistic attacks and targeted attacks.  

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Mimecast, report, spam, phishing, malware, ransomware, impersonation attacks, opportunistic attacks, targeted attacks, COVID-19
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime