Proofpoint Research Shows Cyber Attacks Differ by Industry

Data shows Tech, Financial Services likely attacked in a more targeted manner, research now published on industry-serving resource site

SUNNYVALE, Calif., – Sept. 19, 2013 Proofpoint, Inc., (NASDAQ: PFPT), a leading security-as-a-service provider, released new research today that shows the volume of cyber-attacks are clearly different by industry and spread across a much wider range of industries than anticipated. Research indicated broad "longlining" attacks on pharmaceutical, retail, education, and more than 15 other sectors, as well as more focused attacks on the technology and financial service sectors.

“The assumption that certain industries are more targeted by attackers than others appears legitimate, though some of the higher-scoring industries surprised us, as some don’t typically consider themselves targeted,” said David Knight, executive vice president, information security products at Proofpoint. “The research shows that advanced malware-based attacks are targeting a broader range of industries than we expected.”

The research is available free of charge on Proofpoint's recently launched “Threat Insight” ( resource site that also features additional research on the effects of user training on reducing clicks on malicious URLs, videos of drive-by downloads in action, and an analysis of attacker infrastructures, along with research papers and introductory materials and a glossary for IT staff seeking additional industry knowledge.

In addition to real-time content, the site also features videos, podcasts and security-oriented news feeds that serve as a convenient conduit for staying current on emerging threats as they are uncovered. A threat glossary and Proofpoint’s monthly threat reports are also shared on the site to provide additional resources for those in the industry looking for trend analysis combatting Advanced Persistent Threats (APT).

APT-related attacks and targeted threats have consistently been in the news this year with breaches at organizations such as Twitter, New York Times, Wall Street Journal, South Carolina Department of Revenue, Associated Press, Viber and other companies. In 2012, according to Verizon, such attacks were responsible for nearly half of the exposed data with 95 percent of targeted attacks and Advanced Persistent Threats initiated via email-based spear phishing. In addition, techniques such as ‘longlining’ attacks have resulted in a far greater number of threat campaigns attacking companies in a highly targeted manner. Proofpoint’s unique cloud-based platform and Big Data analytics provide unprecedented visibility into these advanced threats, and Proofpoint’s new research showed that:

  • Volume of attacks received is less differentiated by size of company than by industry
  • Industries like Insurance, Hospitality, and Pharmaceuticals experienced more attacks per mailbox, at greater than 0.3 or more malicious threats targeted per mailbox in the sample period
  • Industries like Technology, Financial Services, and Government, conventionally thought to be the most attacked, showed less than 0.2 malicious threats per mailbox in the sample period

 “Threat Insight” is live at and can be followed on twitter@threatinsight.

About Proofpoint, Inc.
Proofpoint, Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. More information is available at


Proofpoint is a trademark of Proofpoint, Inc. in the U.S. and other countries. All other trademarks contained herein are the property of their respective owners.