The amount of Spam hitting inboxes has fallen to its lowest level in a decade, according to Symantec but is this really a cause for celebration?
For decades, the amount of spam in corporate email boxes has been a major problem for users and IT. Set the filters too harsh and you risk not getting an urgent business email. Set them too low and the day is spent deleting email from desperate Russian women or bank clerks who discovered a hitherto untapped bank account with a fortune waiting to be reused.
Spam down but other attacks up
Spam is not just about avoiding dodgy email but ensuring that it is not masking more serious attacks. In the summary to the June edition of the Symantec Intelligence Report it happily reports that spam is now under 50% of the email flaying around the Internet.
The good news doesn’t stop there. Phishing attack and email-based malware were also down and manufacturing is getting a respite from the sustained cyberattacks that it has been under. But that’s where the good news seems to end. Ramsomware and Crypto-ransomware having dipped at the start of the year are back on the rise. More importantly, Ben Nahorney, Cyber Security Threat Analyst warns “attackers are simply moving to other areas of the threat landscape.”
Nahorney’s warning should be taken seriously. Despite some high profile take-downs of cyber criminal networks, the amount of data being stolen and then misused is on the rise. Data breaches stand at an all time high aided and abetted by a large number of unintentional breaches due to poor data management.
Are we getting the whole picture?
Going through the report it is noticeable that vulnerabilities are also down but are they really. One of the shocks of the last few weeks has been the information disclosed after the Hacking Team breach. This showed that commercial security companies and law enforcement are behaving in the same way as cybercriminals in discovering and exploiting vulnerabilities.
The problem for Symantec and its peers is that they can only report disclosed or detected vulnerabilities. This can create a false sense of success among companies when they see the attack rate drop. What is now known is that we cannot relax security at all and companies need to step up their processes to detect potential problems as they occur.
Malware, ransomware and crypto-ransomware are rising again
New variants of malware have jumped back to almost the same levels as November 2014. Interestingly, Mac OS X malware continues to grow while there is no evidence of an increase from any security vendor of a strong pickup in Mac end-user security tools such as anti-virus, anti-malware or anti-spam.
Mobile continues to be the biggest area for malware writers with new variants on Android hitting a new high in June. As sales of Android continues to dwarf other operating systems this rise in malware should come a no surprise. What the report doesn’t detail is how many of these malware variants are being distributed inside games or apps.
This increase in malware variants should not be taken to be a lack of new opportunities in the market. Instead, it shows the wars between malware writers, software vendors and security vendors is hotting up as malware writers increase their speed of reaction to any patches that are issued.
The renewed interest in ransomware and crypto-ransomware will concern a lot of companies as the only solution is to pay up or lose data. Sadly, there is no evidence that as a threat, this has improved backups for businesses and individuals which makes this an easy target for cyber criminals.
There is a lot of positive notes in this report but it is narrowly focused. It doesn’t look at data breaches or at other risks such as advanced persistent threats. Anyone who takes the positives and believes the cyber war has turned needs to rethink their approaches.