Don't let malware sleep in your sandbox

Email Security - Sandbox Infopaper
What don't you know about one of the most dangerous forms of email attack?
The Trouble with Sandboxing We sent over 200 billion emails last year according to Radicati Group, accounting for more employee communication than telephone, instant messaging, text messaging and social media combined - and it’s only expected to increase.

Yet email is vulnerable. It’s the single most vulnerable platform to attack: nearly 70% of the data breach type attacks we see on the news begin with an attachment in an email message.
It only takes 10 targeted emails to establish a foothold - virtually guaranteeing an infection to even a poorly-motivated attacker. As email continues to be the primary method of communication in most organisations, targeted, email-based attacks are a common problem – and for a while, sandboxing has represented an incredibly powerful business defence. Until now.

What is Sandboxing… and why is it failing?

Sandbox detection is a malware defence used by the good guys to inspect email attachments and determine if there is malware embedded before it is passed on to the recipient. The email is opened in a virtual environment to see if anything untoward will happen when it’s opened by the actual recipient.
But attackers are getting smarter, and they have adapted their malware to spot the telltale signs of sandboxing and defeat it.  And there’s another problem, of course: Sandboxing slows down your business operations, because most sandbox detection takes a long time to determine if an email is ‘clean’ before it can be delivered. So how big of a problem is this?

A real business issue

More than a fifth of all malware is now sandbox-aware and will exhibit evasion techniques in order to pass through this 'checkpoint' undiscovered. Traditional security technology isn't up to the job and your organisation must consider email-based attacks a real business issue.