OverviewEmail Security SecureTransport Validation Authority                          
OverviewIndustry Solutions Application Solutions                                                                     
OverviewPortal Login Consulting Training Contact                                           
Overview Find a Partner Apply Now Technology                         
 
 

Tumbleweed Press Releases

Latest Tumbleweed Dark Traffic Report Shows 170% Growth in Directory Harvest Attacks

Over 40% of Enterprises Surveyed Use Email Address as Single-Sign-On Credentials

Redwood City, CA – December 13, 2005 –Tumbleweed® Communications Corp. (NASDAQ:TMWD), a leading provider of email security, file transfer security, and identity validation solutions, today announced the release of the second Dark TrafficT Report covering Q3 of 2005. The Dark Traffic Report includes data on the prevalence of network-level threats to email infrastructures and the impact to organizations, and can be downloaded at:
http://www.tumbleweed.com/pdfs/TMWD_Dark_Traffic_Email_Report_Q3_2005.pdf

Dark Traffic, now accounting for 83 percent of all inbound email network traffic, is made up of Directory Harvest Attacks (DHA), email Denial of Service (DoS) attacks, malformed SMTP packets, invalid recipient addresses, and other requests and communications unrelated to the delivery of valid email messages.  The Dark Traffic Report defines and analyzes email security information gathered through a combination of research interviews with enterprise IT and email administrators, and taps of raw email network data aggregated from traffic monitors positioned in top enterprises throughout the U.S. 

For the period running from July through September 2005, invalid Dark Traffic accounted for 83 percent of the inbound email network traffic being processed by enterprises based on a sampling of over 100 million messages.  Represented another way, valid messages accounted for 17 percent of inbound enterprise traffic.  It is important to note that, of these valid messages, a significant percentage are later determined by content filters to be unwanted spam.

In addition to direct measurement of email network traffic in the U.S. and overseas, this report also includes the results of a survey of over 100 top enterprise IT and email administrators in the U.S. which shows that there is still a large gap between the perceived amount of Dark Traffic and the actual amount organizations receive.

Other findings available in this report include:

  • Growth in Denial of Service Attacks:  300%
  • Growth in Directory Harvest Attacks:  170%
  • Percentage of inbound SMTP traffic that is addressed to invalid recipients:  43%
  • Over 40% of enterprises surveyed use an employee’s email address as the network login username.  Successful DHA’s can put network security at risk.

Most email administrators lack visibility into the composition of inbound port 25 traffic, and therefore have no ability to shape it.  They only see the impacts of Dark Traffic indirectly, for example when comparing the volume of accepted messages to the volume of delivered messages, or via large outbound queues of non-delivery notices.  As a result of the huge volumes of Dark Traffic email that organizations receive, they continue to add additional email servers and email security appliances to process the excessive invalid email traffic they receive.

“In our first Dark Traffic Report in Q1 of 2005, we were genuinely surprised at the amount of hidden traffic flowing into the enterprise under the radar.  In compiling this latest Dark Traffic report, we were again surprised to see such large jumps in Directory Harvest Attacks and Denial of Service Attacks,” said John Thielens, CTO of Tumbleweed Communications.  “Enterprises are spending far too much on email infrastructure to handle the 80-plus percent of useless traffic that could be stopped at the network perimeter.”

About Email Denial of Service Attacks
Email Denial of Service attacks (also called “DoS attacks,” “mail bombing” or “flooding”) attempt to overwhelm an email relay or server with a huge volume of messages, causing the server to drop connections or refuse legitimate email.  Distributed DoS attacks (DDoS) are often launched from armies of zombie computers that have been infected with email viruses, worms, or spyware.  These zombies can be controlled remotely by the hacker who sent them, and can be targeted to attack one or more specific victims.  DoS attacks are generally malicious in nature, with the goal of disabling a targeted organization’s network.  Note that in the Dark Traffic Report, we are only focusing on DoS attacks in email - DoS attacks exist across many other Internet protocols outside of our purview here, including HTTP, IM, FTP, RPC, etc.

About Directory Harvest Attacks
The goal of a Directory Harvest Attack (DHA) is to identify valid email addresses within a given domain.  The traditional purpose has been to gather lists of valid email addresses for resale or for targeting future spam attacks.  But with the rise of Active Directory and single sign-on technologies in the enterprise, the threat extends to network and information security.  Network login credentials and email address are often configured to be the same.  As a result, email application security is critical to prevent directory loss, which can deliver thousands of usernames to outsiders, allowing them to focus cracking efforts on the exact username list with the goal of breaching the network itself.  This puts confidential operational and customer data at risk of compromise.

About Tumbleweed Communications Corp.
Tumbleweed provides security solutions for email protection, file transfers, and identity validation that allow organizations to safely conduct business over the Internet. Tumbleweed offers these solutions in three comprehensive product suites: MailGate®, SecureTransport™, and Validation Authority™. MailGate provides protection against spam, viruses, and attacks, and enables policy-based message filtering, encryption, and routing. SecureTransport enables business to safely exchange large files and transactions without proprietary software. Validation Authority is the world-leading solution for determining the validity of digital certificates.  Tumbleweed’s enterprise and government customers include ABN Amro, Bank of America Securities, Catholic Healthcare West, JP Morgan Chase & Co., The Regence Group (Blue Cross/Blue Shield), St. Luke’s Episcopal Healthcare System, the U.S. Food and Drug Administration, the U.S. Department of Defense, and all four branches of the U.S. Armed Forces. Tumbleweed was founded in 1993 and is headquartered in Redwood City, Calif. For additional information about Tumbleweed go to www.tumbleweed.com or call 650-216-2000.

Tumbleweed, MailGate, SecureTransport, Validation Authority and Dark Traffic are either registered trademarks or trademarks of Tumbleweed Communications Corp. in the United States and/or other countries. All other trademarks are the property of their respective owners.

SAFE HARBOR STATEMENT
Tumbleweed cautions that forward-looking statements contained in this press release are based on current plans and expectations, and that a number of factors could cause the actual results to differ materially from the guidance given at this time. These factors are described in the Safe Harbor statement below.

Except for the historical information contained herein, the matters discussed in this press release may constitute forward-looking statements that involve risks and uncertainties that could cause actual results to differ materially from those projected, particularly with respect to Tumbleweed’s ability to identify and quantify Denial of Service attacks, Directory Harvest Attacks and other Dark Traffic, as well as the performance and functionality of Tumbleweed’s products. In some cases, forward-looking statements can be identified by terminology such as “may,” “will,” “should,” “potential,” “continue,” “expects,” “anticipates,” “intends,” “plans,” “believes,” “estimates,” and similar expressions. For further cautions about the risks of investing in Tumbleweed, we refer you to the documents Tumbleweed files from time to time with the Securities and Exchange Commission, particularly Tumbleweed's Form 10-K filed March 16, 2005 and Form 10-Q filed November 2, 2005.

Tumbleweed assumes no obligation to update information contained in this press release, including for example its guidance regarding its future performance, which represents Tumbleweed’s expectations only as of the date of this release and should not be viewed as a statement about Tumbleweed’s expectations after such date. Although this release may remain available on Tumbleweed’s website or elsewhere, its continued availability does not indicate that Tumbleweed is reaffirming or confirming any of the information contained herein.

 

Products

Solutions

Industry Solutions Application Solutions

Additional Information

Contact Us

Press Kit