
Understanding the risk posed by email-borne cyber-attacks to businesses

by Administrator
Issue: North America I 2015
Article no.: 9
Topic: Understanding the risk posed by email-borne cyber-attacks to businesses
Author: Patrick Peterson
Title: CEO & founder
Organisation: Agari
PDF size: 228KB

About author

Patrick Peterson, CEO of Agari

Pat Peterson is Agari’s visionary leader and a pioneer in the email business. Peterson joined IronPort Systems in 2000 and defined IronPort’s email security appliances. He invented IronPort’s SenderBase, the industry’s first reputation service. In 2008, after Cisco’s acquisition of IronPort, he became one of 13 Cisco Fellows. In 2009, he spun out email security technologies he developed at IronPort/Cisco into a company he founded, Agari, which secures the email channel. He is currently CEO at Agari, formerly Authentication Metrics, Inc. (AMI), and consults for Cisco as a Cisco Fellow. He chairs the technical committee for the Messaging Anti-Abuse Working Group (MAAWG) and holds B.S. and M.S. degrees in electrical engineering from Stanford University.

Full Article

Email is a simple and direct way of reaching and staying in touch with customers. However, we only need to look at recent news headlines to see how today’s cybercriminals are amplifying their use of this communication tool to spread data-theft malware. The infamous Target data breach, for example, clearly illustrates how cybercriminals are capitalising on email before, during and after attacks to steal credentials, infect machines or get enough information to continue the next steps of their malicious campaign. The growth of digital marketing is also facilitating the use of email as an attack vector. Indeed, companies are spending record amounts of their marketing budget on reaching their customers via digital channels. However, while this can be hugely successful from a business perspective, customers can struggle to spot phishing emails when, for all intents and purposes, the message that has landed in their inbox looks like the real deal.

The unfortunate truth is that email was created with a fundamental flaw – anyone can send an email using someone else’s identity – and perpetrators of cybercrime are exploiting this weakness. Hackers use many tricks, but one of their favourites is to take advantage of design flaws in the basic architecture of the internet to send email from what looks to be a legitimate domain; usually a “.com” return address that appears to be identical to those used by reputable businesses. To date, there have been considerable technological developments that stop people from impersonating ISPs or domain spoofing, but it still remains relatively easy to do. Designing replica websites or branded emails is something today’s well-funded cybercriminal gangs have the time, resources and patience to do.

Given that the amount of money that can be made with these exploits is enormous – often hundreds of millions of pounds – the number of criminals looking to utilise this channel will only continue to swell, while tactics will become increasingly sophisticated. Take notoriously sophisticated threats like CryptoLocker “ransomware”, for example, which encrypts the user’s hard drive until a US$400 Bitcoin ransom payment is made. These attacks succeed because the criminals abuse a growing number of web domains, with attacks typically spiking from thousands to millions of malicious emails per day as the criminals attempt to unleash malware before the security industry has a chance to respond.

Analysing the spear phishing risk

Indicative of the scale of the problem facing businesses worldwide, recent research revealed that 75 percent of US businesses are at high risk of malicious email attacks. Applying big data analytics to identify both the sectors and companies that have the highest and lowest risk for dangerous emails, the research shows that the healthcare industry is still an area of concern. Indeed, against a backdrop of worrisome healthcare cyber security news throughout 2014, the healthcare industry was the worst of every industry for implementing sufficient email security, with nearly 30 percent of major health insurance companies failing to prioritise email security at all.

The findings also revealed that email attackers aimed their sights at banks and other financial institutions more than any other type of company in 2014. The 14 largest US banks by assets, or mega banks, only scored an average of 46 out of a possible 100 in successfully implementing email security best practices, indicating that, despite being a primary target, they are still failing to adequately protect this valued communication chain. Indeed, customers of American mega banks faced an onslaught of email attacks at the beginning of last year. Etailers, on the other hand, are typically ahead in security, which is encouraging. Companies like Amazon, Netflix, and Newegg are recognised for being technologically innovative, so it stands to reason that they would do well in email security too.

Implementing DMARC

Given the recent number of security breaches that have used email in a bid to steal valuable consumer data, it is imperative that large global brands readdress their email security practices and boost defences to better protect their customers. The good news is that technology that shuts down email as an avenue of attack does exist. Email providers are a critical part of this security puzzle. Those that use the DMARC standard – an open security framework for email senders and receivers that standardises how to directly check the authenticity of an email and its domain – minimise the risk of a compromise. When DMARC is implemented by the brands that send email, a virtual “handshake” of sorts is instantly initiated with the email receivers that deliver email, the vast majority of whom already support DMARC. With DMARC turned on, if an email arrives from a domain owned by your bank, you can be sure your bank actually sent it. Unauthentic emails are automatically rejected by the email receivers before they even reach the inbox.

Outlined below are four benefits of implementing DMARC:

1. Reduce Risks: By and large, companies are reporting that cyber attacks are the biggest risk they face. By preventing hackers from sending emails that pretend to be from registered domains, DMARC reduces the risks associated with fraudulent email. One study showed that by implementing DMARC, some brands have cut email abuse by more than 70 percent. Risks to the business from a cyber attack can be significant – the largest breaches have led to consequences ranging from a loss in shareholder value to a call for change in the C-Suite, not to mention the everyday business impacts: ongoing operational losses, such as increased customer service calls and account takeovers.
2. Protect Identities: According to the 2014 Verizon Data Breach Investigations Report, there were 1,367 breaches in 2013, affecting over 15 industries and countless companies’ reputations. One of the reasons for this epidemic is that private information is extremely valuable, to more than just consumers. For example, there are numerous shadowy hacker websites where personal information, such as credit card data, can easily be bought and sold. Identity theft is a big business, and DMARC should be the foundation of any company’s effort to fight back.
3. Visibility and Control: DMARC is the only email technology that gives complete visibility into who is sending email on your behalf, at Internet scale. Many companies are surprised to learn exactly how many domains and sub-domains within their organisation and their authorised third party senders are delivering customer messages. What’s more, DMARC gives companies the ability to control what happens when a fraudulent email is sent. This security control did not exist before DMARC and it allows companies to prevent malicious mail from ever reaching a consumer’s inbox.
4. Strengthen Brand Trust: The trust and confidence of consumers is arguably the most important asset a company can have. The fallout and flagrant brand abuse following a security breach, in which users’ information is stolen and then sold, severely damages that trust, and can jeopardise customer relationships that have been carefully nurtured over many years. DMARC acts as a bulwark against that threat; email recipients can know with confidence that the emails they are receiving from a company’s registered domain are legitimate messages from one of their trusted brands.
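
The receiver-side check described under "Implementing DMARC", and the policy control mentioned in benefit 3, sketched as an added Python example (not code from the article or from Agari). The domains and records are constructed, and the organisational-domain lookup is a simplifying assumption:

```python
# Added example: simplified receiver-side DMARC evaluation (RFC 7489 tags).
# All domains and records below are constructed sample data.

def parse_dmarc(txt):
    """Parse the TXT record published at _dmarc.<domain>; None if not valid DMARC."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts or parts[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {}
    for part in parts:
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("p") in ("none", "quarantine", "reject") else None

def org_domain(domain):
    # Assumption: naive "last two labels"; real receivers use the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """Strict ("s") needs an exact match; relaxed ("r") the same organisational domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def disposition(record, from_domain, spf, dkim):
    """spf and dkim are (passed, authenticated_domain) results from earlier checks."""
    policy = parse_dmarc(record)
    if policy is None:
        return "no-policy"
    spf_ok = spf[0] and aligned(from_domain, spf[1], policy.get("aspf", "r"))
    dkim_ok = dkim[0] and aligned(from_domain, dkim[1], policy.get("adkim", "r"))
    # One aligned pass is enough; otherwise the domain owner's policy applies.
    return "pass" if (spf_ok or dkim_ok) else policy["p"]

ENFORCING = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@bank.example; adkim=s"
MONITORING = "v=DMARC1; p=none; rua=mailto:dmarc-reports@bank.example"

if __name__ == "__main__":
    genuine = ((True, "mail.bank.example"), (True, "bank.example"))
    # SPF passes for the sender's own envelope domain, but it does not align
    # with the visible From: domain, so the message fails DMARC.
    spoofed = ((True, "mailer.example.net"), (False, ""))
    for name, (spf, dkim) in (("genuine", genuine), ("spoofed", spoofed)):
        print(name, disposition(ENFORCING, "bank.example", spf, dkim),
              disposition(MONITORING, "bank.example", spf, dkim))
```

Under `p=none` the failing message is still delivered, but it is counted in the aggregate reports sent to the `rua` address, which is how a domain owner sees who is sending on its behalf before moving to `p=reject`.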

Ultimately, DMARC puts in place secure email channels that previously could not exist but were urgently required. The end result is a repeatable and scalable way for brands to protect their users from phishing attacks designed to hijack identity credentials and steal data. As high profile attacks that make use of weaponised emails continue to pervade the news, businesses and retailers would do well to understand how DMARC works to combat email vulnerability.

Ownership for defending customers from cyber attacks stays with the enterprise, as, ultimately, that is where the accountability lies. Businesses that secure their email channel not only have greater consumer trust, but also fewer fraud losses, less operational overhead and a significantly reduced chance of hitting headline news for all the wrong reasons. By taking a proactive, preventative approach to email security in this way, and choosing solutions that collect data about email channel activity globally, brands will be able to remove the risk of an infected email even reaching the intended recipient – their customers. In doing so, businesses can play a real role in breaking the vicious cycle of data breaches we are caught up in and stop malware attacks across the internet.

 
