Legacy email systems - a significant security risk?

Mimecast has published its quarterly Email Security Risk Assessment (ESRA), a report of tests which measure the effectiveness of incumbent email security systems.

  • 5 years ago Posted in
This quarter’s assessment reports that these systems missed 11,653 emails containing known malware, which should be the easiest to identify, as they are detectable by commonly deployed endpoint-based anti-virus technologies. Additionally, the report noted a continued challenge of securing organizations from unknown malicious attachments, dangerous files types, impersonation attacks, as well as even basic spam.

 

As part of the assessment, Mimecast inspected more than 95 million emails, all of which had passed through organizations’ incumbent email security vendors. These organizations, in 20 different industries, invested millions of dollars to deploy a variety of commonly used on-premise and hybrid email security systems. The latest report found more than 14,277,163 pieces of spam, 9,992 emails containing dangerous file types, and 849 unknown emails with malware attachments -- all missed by the incumbent providers and delivered to users’ inboxes. Most notably, 11,653 known emails with malicious attachments passed through these systems, an increase of 532 percent in comparison to last quarter’s assessment. Impersonation attacks also continue to be a problem for organization, as 23,072 were caught – increasing 22 percent in comparison quarter over quarter. The report indicates the need for organizations to enhance their cyber resilience strategies for email. 

 

“Mimecast’s ESRA is aiming to establish a standard of transparency that raises the bar for all security vendors helping organizations pinpoint weaknesses in their defenses,” said Matthew Gardiner, cybersecurity strategist at Mimecast. “Emails ranging from opportunistic spam, targeted impersonation attacks and unknown malware are getting through incumbent email security systems. The security system of one primary cloud email platform missed 76.6 percent of the aggregate impersonation attacks while another global security vendor missed the 83.4 percent of the “known” malware attachments.”

 

Mimecast recently conducted global research with Vanson Bourne on the state of organizations’ cybersecurity, what attacks they’ve seen increase, and their level of confidence to thwart these evolving attacks. The findings were based on responses from 800 IT decision makers and C-level executives. Not surprisingly, and consistent with the results of the Mimecast ESRA report, organizations are forecasting a challenging future, with nearly 60 percent of respondents having said their organization is likely to suffer a negative business impact because of an email-borne attack in 2018.

 

Also in line with the ESRA results, despite efforts, email-borne attacks are on the rise.  The clear majority of Vanson Bourne respondents have seen untargeted phishing attacks (94 percent) or targeted spear-phishing attacks (92 percent) with malicious links in the past 12 months, with the volume of both attacks increasing 56 percent over the last year. Most respondents also reported seeing email-based impersonation attacks asking either to initiate wire transfers (87 percent) or for confidential data (85 percent) over the last year.

 

“Mimecast’s multilayered security inspection system consists of more than 100 analytic techniques and threat data sources provided both by in-house development and third-party sources, including 3 separate AV engines, file sandboxing, static file analysis and other techniques. No single technique can be relied upon to stop the rapidly evolving attacks and organizations need to ensure they also have continuity during, and automated recovery after an attack to achieve cyber resilience for email,” Gardiner added.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...