When it comes to the Australian market, the data showed the nation was subject to high amounts of activity in the first two weeks of the quarter. Criminals leveraging ZIP files were the most common file type detected.

Breaking it down further, Mimecast revealed there were three attacks made on the Australian legal profession during the quarter.

The first, on 1 July, saw 787 threat detections, while 8 July saw 1,666 detections and 16 September saw 2,226 detections.

“Nearly all of the attacks used generic Trojanised ISO files through Andromeda, Noon, and Razy, and the attackers also sought to exploit CVE-2017-8570 and CVE-2017-11882,” Mimecast noted.

“The legal sector attacks are highly likely to have been organised criminal groups attempting to compromise their intended targets for monetary gain, given the access to significant funds which the sector is perceived to have.

“The legal sector also has access to highly sensitive, valuable client information.

“Despite these factors, none of the targeted campaigns lasted for more than a day, and the attack vectors employed did not appear to significantly vary or evolve in terms of their complexity.”

VIEW ALL

That being said, the report also encouraged vigilance when it comes to deploying resources to mitigate the attacks, noting that hackers are becoming increasingly smarter and more sophisticated in their approach.

“Overall, efforts to modify threats to evade detection within sandboxing [continue] swiftly, and some older forms of malware are being modified as extensively as newer forms to evade detection,” Mimecast said.

“Alongside this malicious software, threat actors’ impersonation efforts have continued to increase, with the inclusion of malicious voicemail messages in recent detections. The threat is evolving and more nuanced than ever before.

“Malware-centric campaigns are continuing quarter over quarter. These campaigns are increasingly sophisticated and continue to use a diverse range of malware during the different phases of an attack, which is clearly pronounced in analysis of the most persistent attacks spanning a period of several days.

“Subscription-based Malware-as-a-Service models also continue to increase the availability of simple attack methods to a wider audience, simultaneously keeping older, well-known malware in circulation. The use of fileless malware is also increasing, and criminals are putting greater efforts into the increased use of impersonation attacks against businesses.”