Email-Based Attacks Made Scary Gains in First Hal
This year’s first and second quarters saw a 56 percent increase in email-based attacks that penetrated traditional security mechanisms, the security firm FireEye says in its Advanced Persistent Threat Report, released today.
During the first half of the year, the company saw continued increases of malicious infection activity and an intensified danger of email-based attacks as cybercriminals increasingly employ throw-away domains to infiltrate enterprise networks.
The report is based on data from the FireEye Malware Protection Cloud, a service powered by thousands of company appliances that observe these interactions.
What it means is simple firewalls and anti-virus protection isn’t enough, and relying on signature detection alone is inadequate. FireEye’s data is just the latest in a series of reports that track this sort of information, and which have come to similar conclusions. Like many other products, FireEye’s appliance tracks unique, customized viruses that are targeted at specific PCs and designed to avoid signature scans.
FireEye found that advanced Web-based malware capable of evading signature-based detection is becoming more common. Its presence has increased nearly 400 percent since 2011. The company observed an average of 643 successful infections per week per company.
You can see the month-by-month trends regarding embedded emails links and attachments in the chart. Note the sharp increases in May and June. You can read the whole report here.