Infosec Cloud
Solutions. Services. Training.

Proofpoint Threat Report:Top trends of 2015 so far

Guest Post: Proofpoint.

With the first six months of 2015 behind us and unsolicited email volume data for the first half of the year available in the Threat Report for June 2015, this is a good opportunity to see what the data and threats of the year-to-date can tell us about the evolving threat landscape.

Cybersecurity and data breaches have continued to dominate the press: the high-profile breach at the Office of Personnel Management (OPM) exposed extensive personal data of up to 21 million individuals but it was hardly the only one, as banks, retailers, insurance companies and a variety of other public and private organizations.

While cybercrime remains the prevalent driver for many of these, state actors are widely suspected behind some.

At the same time, exploits and tools have also been very visible: in addition to the usual parade of new patched vulnerabilities and zero-day exploits, the first half of the year saw rapid changes in the exploit kit (EK) landscape, as the Angler EK and then others included zero-day exploits, demonstrating the increasing sophistication and value-add of EK’s as part of a cybercrime infrastructure.

Several of the trends we described in the Proofpoint cybersecurity predictions for 2015 have developed as expected, from the targeting of PII by presumed state actors (OPM) and the advancement of Federal cybersecurity legislation (in addition to executive orders), to the continued growth of malvertising and ransomware.

Social media threats and legislation have yet to make the same impact in 2015, but trends in social media activity show that threat actors and legislators alike are discovering this vector and will focus more on it during the second half of 2015.

Reviewing the first six months of 2015, four main trends emerge:

1. Shift to attachment-based campaigns
2. Change in phishing techniques target business users*
3. Social media increasing as a source of brand and compliance risk
4. Continued decrease in the overall volume of unsolicited messages

 Click here to continue reading >>

* See the Infosec Cloud Security Awareness Testing & Training Service >>

  • Employee GDPR Awareness Training

  •  Identity-as-a-Service (IDaaS) solution

  • Tokenless Strong Authentication (MFA)

  • Next Gen Endpoint Security

  • Enquiry LinkedIn Spiceworks

    How to defend against malvertising

    Guest post: Proofpoint.

    Cybercriminals are increasingly turning to malvertising as a way to infect unsuspecting end users, and organisations need to adopt dedicated protection solutions to help defend themselves against this growing threat.

    Malvertising, a portmanteau of malicious advertising, is when a seemingly innocent ad on a website directs someone to a Web page that causes malware to be downloaded on the browsing device being used. According to eSecurity Planet, malvertising is becoming increasingly prevalent because it is a relatively easy way to infect visitors to some of the biggest sites online. Cybercriminals have become quite adept at disguising their true intentions from ad networks, thus providing them with an easy backdoor onto the targeted paged.

    “Crafty hackers do not even need to implant any malicious code into the ad itself, ensuring that it clears any scanning by the advertising network,” eSecurity Planet contributor Aaron Weiss wrote. “Instead, the ad can simply lure people to a website. The site may contain only clean content when the ad is submitted to the network, but once ad impressions begin the hackers plant malware on the site, which they already control.”

    Due to this ease and the effectiveness of malvertising, there were approximately 10 billion malicious ad impressions in 2012, according to statistics cited by eSecurity Planet. That number is likely to rise in the coming years too, especially as the tactic proves fruitful to cybercriminals and as more We browsing happens from unsecured smartphones and tablets. A March 2014 report from Blue Coat Systems showed that 20 percent of all mobile device users had encountered malvertising. In comparison, 5.7 percent of all mobile malware in 2012 started with bad ads, Infosecurity reported.

    Perhaps the best known example of the power and prevalence of malvertising happened at the end of 2013. Approximately 300,000 people were affected by malvertising on Yahoo.com, as a bad ad on the site led unsuspecting users to a page that covertly installed code on the device that allowed it to be controlled remotely, eSecurity Planet reported.

    Can malvertising be stopped?
    While the threat posed by malvertising is great and only growing, organizations can take steps to mitigate this problem. In particular, by adopting solutions from Proofpoint, companies will be able to ensure that employees and safely browsing the Web and are not causing malware to be inadvertently downloaded onto corporate-owned assets.

    For the majority of organizations, Proofpoint Targeted Attack Protection is the ideal safeguard to deal with malvertising. What makes this solution unique is that it uses advanced statistical modeling and analytics to more accurately determine if a link clicked is malicious or not, thus helping to prevent malware from ever being accidentally downloaded. It also comes with real-time monitoring capabilities to help organizations more effectively track and note malvertising and potentially destructive end-user behavior.

    Proofpoint also helps ad networks and other organizations from ever hosting malicious ads in the first place. Proofpoint Malvertising Protection takes the ad’s creative, actual impressions served and ad tags into account when scanning hosting requests to see if it is a legitimate advertisement or if it is malicious in nature. By taking such a comprehensive approach to ad scanning, organizations can help to make sure their brand is not tarnished by malvertising.

    “For enterprises who publish ads on their own websites, the risks of malvertising can threaten both your users and your reputation,” Weiss wrote. “Becoming the source of an infection that can infect thousands, or even millions, is not an ideal customer relations strategy. Businesses who accept direct advertising – that is, you accept ads directly from advertisers – need to have a well-crafted vetting strategy.”

    As the threat posed by malvertising rises to new heights, the benefits that Proofpoint Targeted Attack Protection and Proofpoint Malvertising Protection provide become more critical to the safeguarding of important information and networks than ever before.

    To find out how Proofpoint can protect your organisation, email [email protected] or call 01256 379970.