A new study from Mimecast shows incumbent email security systems are missing known malware – which should be among the easiest to identify – with the email and data security company warning that ANZ businesses should focus on ‘cyber resilience’ rather than just email security.
The latest quarterly Mimecast Email Security Risk Assessment report showed incumbent email security systems missed 11,653 emails containing known malware, which is detectable by commonly deployed endpoint-based antivirus technologies. The results come as part of an inspection some than 95 million emails which passed through organisation’s incumbent email some security vendors.
The number of emails containing malware was up 532 per cent on last quarter.
The report also found that impersonation attacks were up 22 per cent quarter on quarter, with 23,072 caught.
Garrett O’Hara, Mimecast principal technical consultant, told Telecom Times the results were shocking, but not surprising.
“We have seen similar results from previous ESRA reports and have seen other independent reports suggesting this is an issue with some incumbent email security systems,” O’Hara said.
“The reason this is shocking is that the security industry has signatures for the pieces of malware so these are not zero-day or particularly sophisticated attacks. The engines are available to block these threats.”
O’Hara said Australia and New Zealand are seen as “a particular valuable target.”
“The ANZ region is a lucrative target for cyber-gangs given our well-paid and highly connected citizens. ANZ has often been reported as seeing a higher instance of email-based attacks as compared to global averages,” he said
O’Hara said Australian and New Zealand companies needed to think in terms of cyber resilience for email – not just security.
“This means leveraging a much more comprehensive ecosystem of security intelligence and technologies while making sure the business can maintain email during an attack and automatically recover data after an attack.”
He said the report highlights the importance of multi-layered inspection spanning technologies and approaches, citing Mimecast’s use of multiple antivirus engines, both third-party and in-house, static file analysis and behavioural file analysis in its platform.
“All up Mimecast leverages more than 100 techniques and threat data sources,” O’Hara said. “The threat landscape changes constantly and email security systems need to be dynamic in terms of the engines and technologies they use to protect their customers.”