How to prevent hacks using emails and networks


By Jonathan Somen, CEO of Eldama Technologies in Nairobi, Kenya

Email has become one of the most efficient forms of communication in the corporate world. It is efficient, and registering an email address is easy and affordable. That convenience comes with a security threat, and failing to seal that loophole can have severe results, especially for corporates. According to a 2017 Adobe email survey, we spend an average of 5.4 hours checking our emails. We do it every day! It's routine, obsessive, even doing the one-eyed check in the middle of the night. And that is part of the problem: we can't live without emails. They link us to the outside world, connect us with business partners across the globe and keep us in touch with our dearest friends.

One would think that with as much time as we spend reading emails, some of which are sensitive and important, we would do a better job of protecting our precious, virtual cargo.

Yet, according to a 2018 report by Mimecast, the foremost email security firm, analysis of cyber attacks suggests that 91 percent of all cyber attacks start with an email; this is the number one place to start securing data and infrastructure. This can be especially devastating for businesses, as financial losses, data breaches and reputational damage are just some of the fallout of viruses like Petya and WannaCry.

WannaCry, which infiltrated numerous organisations, spread to 150 countries and is estimated to have cost the global economy US$8bn. Petya affected some of the world’s largest organisations, including Equifax, the credit monitoring and rating company in the U.S.

This keeps happening because, while technical solutions are available to curtail phishing attacks and other attempted hacks, they are complex and opaque, which means most companies have challenges implementing them fully.

Given that most hacks into a company originate from an email, three key areas are the primary attack vectors of an attempted hack. The first one is through a website link. This is a very common and effective way of infiltrating even the most secure networks. In many cases, URLs hide malicious code, which loads onto a computer, giving the hacker access to the machine and eventually to the entire network. Most users who are hacked using a URL will receive an email with the URL embedded in it. They will then click on the link without thinking of the potential threat. Effective software will first vet the original website link and validate it in real time. Once it establishes that the webpage is safe, it will then redirect the user to the website, essentially acting as a bulletproof vest for your emails.

A majority of emails have an attachment. This is another hotspot attack vector using emails. An attachment can contain an executable file that can quickly spread through the network. Incoming attachments are analysed to determine in real time whether they are malicious. Once an attachment has been cleared, it is released and arrives with the email as usual. An efficient email system checks the attachments, strips them out if it finds malicious code and notifies the user. In some cases, it can give the user the option of receiving the attachment as a PDF, which will be a safe file, and the user has the opportunity to request the original attachment.

The final and most vulnerable attack vector is through impersonation attacks. A majority of hacks are launched with the view of impersonating someone, whether they are a senior officer of the company or a well-known supplier. In some cases, they may create a fake domain that looks like the one that is expected. By going through various checks, Mimecast will pick out impersonation attacks and protect email users from being duped into carrying out tasks that are fraudulent.
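
To make the impersonation checks described above concrete, here is an added example (not from the original article, and not Mimecast's actual method) of how a mail filter could flag a sender domain that imitates a trusted one or a senior officer's name arriving from an outside domain. The domains, the executive name and the function names are constructed for illustration.

```python
from email.utils import parseaddr

# Constructed sample data (assumptions): trusted domains and senior staff names.
TRUSTED_DOMAINS = {"example-corp.com", "supplier-example.com"}
EXECUTIVES = {"jane doe"}

# Small look-alike character map; \u0430, \u0435, \u043e are Cyrillic a, e, o.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s",
                             "\u0430": "a", "\u0435": "e", "\u043e": "o"})


def skeleton(domain):
    """Fold look-alike characters so 'examp1e' and 'example' compare equal."""
    return domain.lower().translate(CONFUSABLES).replace("rn", "m")


def edit_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def check_sender(from_header):
    """Return (verdict, reason) for the value of a From: header."""
    name, addr = parseaddr(from_header)
    _, sep, domain = addr.lower().rpartition("@")
    if not sep or not domain:
        return ("suspicious", "no sender domain")
    if domain in TRUSTED_DOMAINS:
        return ("ok", "trusted domain")
    for trusted in sorted(TRUSTED_DOMAINS):
        if skeleton(domain) == skeleton(trusted):
            return ("suspicious", "look-alike characters imitating " + trusted)
        if edit_distance(domain, trusted) <= 2:
            return ("suspicious", "near-miss spelling of " + trusted)
    if name.strip().lower() in EXECUTIVES:
        return ("suspicious", "executive display name on an external domain")
    return ("unknown", "external sender")
```

An "ok" verdict only means the domain string is not a look-alike; because the From: header itself can be forged, a check like this belongs alongside SPF, DKIM and DMARC validation rather than in place of it.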