Dubai

Organisations need to boost their cyber resilience strategies for email with a multi-layered approach to help prepare for any type of attack, whether from outside or inside, an industry expert said.

Steven Malone, Director of Security Product Management at Mimecast, a cloud-based company specialising in email cybersecurity and management, said that email is the primary source of attacks threatening corporate security, including ransomware, impersonation and malicious files or links. Nearly a quarter of “unsafe” emails are being delivered to users’ inboxes every day.

“There is a continued challenge of securing organisations from malicious attachments, dangerous file types, impersonation attacks, as well as spam. We monitor millions of emails every day and found that employees who sit behind the computer are the weakest link when it comes to protecting digital information,” he said.

Moreover, he said that cybercriminals are really interested in getting hold of the company’s credentials, and they will do it by deploying malware on an employee’s machine or by using the employee’s help to launch an attack on the organisation.

Ransomware has been around since 1989 and is still growing in 2017, he said, which shows that security technology is not working and is not the only way to fix security issues. Organisations need to make their employees part of the security solution, and that is the key.

“No security solution is 100 per cent safe and it is a never-ending story. Employees need to be more cautious when they get emails. Organisations need to first assess the actual capabilities of their current email security service,” he said.

According to Mimecast, over 90 per cent of cyberattacks start in email and while email itself is seldom the end goal for the attackers, over 70 per cent of these attacks lead to other systems in the network. “These email attacks predominantly feature techniques such as spear-phishing, ransomware and impersonation of key employees,” Malone said.

He said that out of the more than 45 million emails inspected recently, all of which had passed through the incumbent email security system in use by each organisation, 31 per cent were deemed “unsafe”. These assessments have uncovered more than 10.8 million pieces of spam, 8,682 dangerous file types, 1,778 known and 503 unknown malware attachments and 9,677 impersonation emails.

He pointed to the recent discovery of “Ropemaker”, which can make changes to an email after it has been received and read by the recipient. It affects email clients like Outlook and Apple Mail and not Web-based email systems like Outlook.com and Google Mail.

“Hackers could swap a URL with a malicious one in an email or turn simple text into a malicious URL, or edit any text in the body of an email whenever they want. All of this can be done without direct access to the inbox,” he said.

So far, he said, no vendors have recognised “Ropemaker” as a vulnerability or taken action on their part to protect their users.

He said that Mimecast has built Ropemaker protection into their security software.

“Many organisations believe that a single cloud email vendor can provide the appropriate security measures to ensure protection from email threats. These providers are leaving holes in security, thus driving the need for third-party email security services,” he said.