Presidio Threat Analysis Report

EXECUTIVE SUMMARY
In this report, we looked at the data from E-Mail and external attack vectors. Most of the statistics researched showed that Phishing, Virus, and Spam events are down from the first few months of 2013 compared to the last quarter of 2012. However, there was still activity that caused people concern related to the Valentine’s Day spam. This was a traditional spam message that directed unsuspecting recipients to malicious website asking for personal information. Attachments also contained code that attempted to spread the virus or exploit a vulnerability on the local system. This is a standard attack vector and Modus Operando of spam.

How do we protect ourselves?
There are various products offered through Presidio to help organizations deal with spam threats in their environment. However, technology alone will not solve this issue. Appropriate and timely awareness training should be adopted to ensure the safe handling of suspicious e-mails stays fresh in the minds of the people, at all levels, of your organization. As with everything thing in security, a holistic approach is recommended to mitigate the effects of these threats. User Awareness Training, proper Patch Management, and Technical Controls that weed out the vast majority of these attacks will provide that holistic coverage.

Adobe was in the news again with another patch for Flash. This was an unprecedented third time in February. The most recent patch published by Adobe addresses a security vulnerability in Flash Player 11.6.602.168 and earlier versions. The vulnerability affects all operating systems and all browsers. This updated addresses a very targeted attack that is being carried out in the wild. Attackers are specifically sending unsuspecting users to infected sites with malicious code to exploit this vulnerability. Adobe is far from the only software vendor struggling to keep up with patching vulnerabilities. What is particularly troubling is the frequency of the updates from Adobe. Flash is regarded as a safer more secure alternative to the notoriously vulnerable Java applications. However, that image is beginning to tarnish.

How do we protect ourselves?
IT Policy is not going to be the primary control to protect your organization from these types of threats. Patching systems can only be effective if the vendor provides patches for you to deploy. Some technical controls are available to help mitigate the effects of these types of attacks. IPS and Malware detection systems can provide a layer of security into your network to help mitigate these threats. Products by vendors such as Cisco and FireEye use information from their Global Threat Detection systems to incorporate new signatures in near real-time. This technology can provide you with updated signatures to quickly respond to threats that may not have patches available.

Read the full Presidio Threat Analysis Report for detailed insight into email and data security threats and the solution providers that can help offset todays risks.