Malicious files evading email security products


Enterprises could be even more vulnerable to email-based attacks, according to a new study from BitDam which shows that malicious files regularly bypass all of today's top email security solutions.

The firm's study, titled “The Blind Spots of Email Security”, measured the ability of email security products to detect unknown threats at first encounter.

By using fresh samples of malicious files from a number of sources and qualifying them as unknown threats, BitDam was able to calculate the miss rate at first encounter as well as the Time To Detect (TTD) of today's top email security products.

Detecting unknown threats

According to the study's findings, the miss rate over seven weeks at the end of 2019 was about 23 percent for Office ATP while the TTD average was about 48 hours. However, close to 20 percent of missed unknown threats took four or more days to be detected and Office 365 ATP was 'blind' to selected unknown threats it did not detect at first encounter. For G-Suite, the miss rate was 35.5 percent and the TTD average was about 26 hours, with around 10 percent of missed unknown threats taking three days or more to be detected.

These large detection gaps provide proof of how enterprises are often unprotected against unknown threats, and this can lead to successful email-based attacks such as ransomware, phishing and malware.

Former founder and CTO of Bromium, Simon Crosby, praised BitDam's study for pinpointing the unacceptable gap in detection time by many email security products, saying:

“Mind the gap! is as relevant to CISOs as it is to riders on the London Underground. The time gap between malware delivery and subsequent detection by the industry’s most widely used endpoint protection suites solutions is shockingly long - in practice long enough to be useless. BitDam’s recent study pinpoints this unacceptable gap in detection time, showing that organizations are exposed to cyberthreats for many hours, or even days, before their email security identifies these as malware.”

Anthony Spadafora

