IT disaster recovery, cloud computing and information security news

Report overviews the information security threat landscape for the first half of 2015

Details

Proofpoint has released its mid-year threat report which analyses what the threats of 2015 to-date can tell us about the evolving threat landscape.

Reviewing the first six months of 2015, the main trends that emerge are:

The EU sends out the most unsolicited mail

As in 2014, the volume from each country as a percentage of total unsolicited email was relatively constant, with the EU consistently accounting for around 15 percent of total unsolicited email, and the others accounting for single-digit percentages.

Decline in unsolicited mail - reaching levels not seen since 2012

As noted in the 2014 Threat Report, the 2014 net decrease in message volume seems counterintuitive in light of the number and severity of data breaches and compromises that were made public in the second half of 2014; however, what was lost in volume was more than made up for in maliciousness. The first six months of 2015 have seen a continuation of this downward trend, with average daily volumes reaching levels not seen since 2012.

Shift to attachment-based campaigns

The most striking development of the first six months of 2015 was a massive shift of threat activity from the URL-based campaigns that had dominated 2014, to campaigns that relied on malicious document attachments to deliver malware payloads. Malicious attachments have dominated the campaigns of 2015 to date, driven by the massive volumes of attachments and messages delivered by the Dridex campaigners as well as other botnets.

Change in phishing techniques targeting business users

Cybercriminals have shifted focus from consumers to business users. This shift was perhaps nowhere more apparent than in the message templates attackers used in 2014, and a year-over-year comparison highlights the new focus on business users.

Social media increasing as a source of brand and compliance risk

During the first six months of 2015, Proofpoint Nexgate social media security researchers found that the efficiencies gained in distributing malicious content via social media continue to make it an attractive channel for hackers and scammers.  A single phishing lure, malware link or spam message posted to a high profile corporate social media destination may be viewed by ten thousand or more potential victims. 

The full report is available here.


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

Root Cause Analysis
The Impact Tolerance Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.