While high-profile data breaches may have declined in frequency during the quarter, they most definitely rose in impact. The fallout from the US Government Office of Personnel Management (OPM) data breaches continues to be felt; the latest example is that GSA has placed contracts for post-breach protection for the 22 million people affected. The impact of these breaches can be expected to last a long time; some experts suggest that the remediation process for the OPM breaches could take anywhere up to 40 years to complete.
While spam volumes rose by 13%—from 48.8 billion per day in Q1 to 55.2 billion in Q2—the number is still historically low and has remained stagnant over the last 6 quarters. However, just looking at the top-line numbers could lead us to miss some very disturbing underlying patterns:
1. Mobile malware is still growing fast.
2. Growth (in both volume and variety) of phishing threats continues at an alarming rate.
These data points may be indicative of a shift in emphasis by the cybercriminals: a pivot away from mass-distribution “nickel and dime” campaigns designed for quick-hit revenue and towards using that same mass-distribution infrastructure for the dissemination of more highly targeted and powerful threats.
This shift highlights a problem with legacy security tools and technologies. These tools were designed to provide protection in a threat landscape consisting of slowly evolving threat types, the majority of which were iterations of previously detected threats. If the trend we see now proves to be true, security professionals have real cause for concern, as it means that their enterprises will be exposed to an ever-increasing volume of threats, with each one possessing the capability to severely impact their organization. In this new reality, security powered by “offline” technology models, such as periodic updates to local static databases, can no longer provide meaningful protection. To provide effective security, real-time threat protection must become the norm.
In this quarterly report, you will find in-depth analysis of cybercriminal tactics such as Flash and Java malware, as well as another in our regular series of articles discussing the cybercriminal’s distribution method of preference: phishing. Sadly, it is almost certain that some of the threats now in use are the work of third-party contractors that develop malware and spyware for use by law enforcement and intelligence agencies – see our article on Flash malware for more. As always, we hope that by covering these threats in detail, readers will arm themselves with the knowledge and the necessary tools to better protect their organization and its data from the cybercriminals.