Did you know that the biggest cyber threat may be PDF files delivered via email? Barracuda Security Networks Inc. reports that nearly 41 million such files were included in an attack since last September, making PDF files the highest volume of weaponized file types of the avenues it studied.
But they’re not the only one. And the growing risk from all forms of cyber crime has prompted Barracuda to launch Barracuda Security Insight — a sort of daily weather forecast of threats. “When you wake up in the morning, you can tell what kind of files are being weaponized around the world,” says Fleming Shi, SVP of technology at Barracuda.
The free service allows users to click through and see the types of attacks prevailing, the current threat level and a cybersecurity index. The goal is to protect users by alerting them to risks, “based on what we have seen,” Shi adds.
The platform also interacts with Amazon’s Alexa and Google’s Google Home so that users can get the information via a voice user interface, Shi adds. So in addition to access via the Barracuda website, the firm provides an open API integration into applications from common web portals and dashboards, and also into such digital assistants as Alexa.
Barracuda may offer more personalized subscription services in the future, but for now it is focusing on this basic free service.
So what is the tool telling us?
At press time on Thursday, the tool noted there had been 611,482 advanced email threats in the past 24 hours, along with 3,986 web threats and 5,590 network threats.
Why does email dominate?
“This is pretty standard,” Shi says. “Email’s always been the heaviest attack server.”
The index also reports a threat level of “dangerous,” and a Cybersecurity Index of 88.3.
Scrolling down, one can see that one current threat is Czech emails with JARs. “The JAR itself unpacks and runs several VBScript files that try to steal Windows credentials while evading security software,” the alert states.
Such scripts can be embedded in html, or other rich document formats such as rtf and Office, the company adds. Of 70 million Office documents scanned in the last three months, more than 4.7 million to be malicious or suspicious.
“These scripts are pretty dangerous,” Shi observes.
Compressed files are another popular way for evildoers to transmit disguised attacks, as in a ransomware campaign comprised of over 27 million emails sent in less than 24 hours last September
“It’s labor intensive to open and find it,” Shi says of these compressed files. Security teams may have to dig further down than the usual three layers.
For its part, Barracuda is “stalking cyber threats,” Shi continues. “When we see malicious malware, we analyze it through multiple layers. We also do dynamic analysis that allows us to understand what’s inside a pdf file.”
It’s a sad comment that this is even necessary. Shi admits, “the world is pretty scary.”