CIOREVIEW >> Security >>

How email attacks are affecting organizations!

By CIOReview | Friday, August 19, 2016

As the ‘alphabets of the English language’ transformed into ‘0s’ and ‘1s’, along came the Email epoch! However, little did technology pioneers know that threat would be embedded at the flipside of this coin! Malicious software or malware broke havoc in the technology world. Freights of data started getting leaked. Target, Sony Inc., all were at the receiving end!

Even creators of the technology didn’t get spared. 2 months ago, millions of Gmail, Hotmail and Yahoo email account details were stolen in a huge cyber attack. How can these frequent attacks be minimized? Let’s discuss!

Error 0x00AEM001489: Malware detected!

While email has made life easier for organizations, it has also given ingress cards to hackers for circumventing an organization’s network and breaking havoc. By leveraging the email protocols as tunnels, networks can easily be infiltrated by the hackers. Trojans can be installed specifically and confidential information can be seeped out easily. Also, these malwares can be used to obtain control over the servers. Also labeled as “instructive viruses” or “spy viruses” by some security spearheads, malwares can thus be quite dangerous for the integrity of the data which an organization holds.

The insider threat

If organizations believe that only by barring crackers and hackers operating from the outside network, they can prevent their data getting breached, then they are not entirely correct. Various studies have shown how employees use email to send out confidential corporate information. The reasons can be many: Revenge, no or partial salary hike, disappointment about a particular issue. The data which was officially supposed to remain in-house gets leaked due to diminutive negligence being shown by the firm.

Raising the cautionary tickets

Organizations need to work on their detection and prevention systems in order to avoid breach of confidential data affecting their integrity and reputation. Identity Detection System and Identity Prevention System (IDS & IPS) measures can be employed to raise alarms in case of an intrusion in a firm’s servers. Firms can take numerous precautions to ensure that they get the right intrusion information at the right time.

Putting breaks on Macros

A macro is a series of written instructions or recorded keystrokes and mouse actions which eliminate wasted time and the risk of error that typically occur when performing repetitive tasks. Though advantageous, Macros can be disastrous for a firm as hackers typically use this mechanism to carry out email attacks. Users are egged on by hackers through email attachments to switch on this application, and leave a window opened for them to exploit. In order to mitigate this loophole, organizations must upgrade their Office suite to at least Office 2013 which uses protected view to shield users and the data they hold.

Only installing necessary applications

Users have the tendency to install any application which they feel can be helpful in their day-to-day activities and roles. This is where the IT team needs to intervene! The source code of the application may not be verified by the users before installing the app, leaving potential vulnerabilities. The IT team has to monitor whether the applications installed are downloaded from legitimate sources. They have to monitor that the users are not installing any unnecessary apps.

Enabling Sandboxing

Cyber criminals have adept techniques to obfuscate malware download URLs within the email attachments. But the organizations still lack in employing content analysis and anti-malware scanning methods that can restrict these malwares. Sandboxing the email attachments is the best-possible method that a firm can carry out to minimize the threat from malicious attachments. This process flags and blocks any activity performed by the attachment to download an ‘.exe’ executable file or ‘.msi’ software.

Gateway control

The only predicament that rises while using sandboxing technique is that many server resources may get involved, which in-turn may cause the IT cost to rise. Firms looking to evade this expense must consider stripping out all the active code in the document at the gateway. The employee still receives the file with almost no delay, and in a safe format with no active code. This method denies hackers in leveraging the attachment to use against the organization and gives them gateway control.

Bridge the knowledge gap

Email security might be incomplete without tools, technology, and process, but it also requires competent human resource to carry out all these elements in tandem. Recent research from Mimecast shows the lack of confidence in 67 percent of organization leaders that their employees would spot the macro-based attacks. The main reason behind this is deemed as inadequate and irregular training sessions. Firms must understand that for the continual development of their employees’ technical knowledge, it is necessary to organize regular training sessions and workshops .

Mirage or a polestar?

Information security checklist involves a great bit of things; advanced processes and technologies, counterintelligence technique skill-sets, valid technique, and above all the top management buy-in. With disrupting technologies, the threats are also becoming more potent and sophisticated. There is a need to update the existing risk mitigation technologies and think from a hacker point of view. Emails are the safest bet that hackers can play! One wrong press on the bait attachment, and wooosssshhh!! All confidential data will be gone in a few seconds.

The outdated email security measures have been working as a mirage for the industry. It is high time now that industry leaders sit together and device methods and techniques that can not only detect malwares but also prevent them. There is a need for the industry to turn up and employ measures that can work as a polestar.