Email attachment still the easiest route to enterprise hacking

Three million emails are sent in the world every second. This is the latest estimate from the Radicati Group in their ‘Email Statistics Report, 2009-2013‘ . According to the research, the number of worldwide email users in 2009 totals over 1.4 billion and email traffic amounts to 247 billion e-messages every day. How many potential threats and attacks are hiding behind these vertiginous numbers? One can’t help but wonder.
Emails have long been one of the most prevalent vectors of attack for cyber criminals to spread worms, Trojans and viruses. Today, of all the malware distributed globally, 12% are passed through emails, reports NSS Labs in January 2009. While emails themselves are rarely malicious and can be open and read safely by users, email attachments may hide malicious programs that, if unleashed, can compromise a machine.

The large majority of computer users is well aware of the dangers of email attachments and specifically, has been educated against the potential danger of executable files (.exe) or spams. However what many users ignore is that non executable file applications – such as Word documents, PDF, JPG, PowerPoint documents to name a few – can be equally dangerous. These types of files are often regarded as harmless because they are non executable files; they constitute very common attachments to an email and are seen as safe and acceptable receivables. Yet, file applications have been increasingly exploited by hackers lately.

Adobe PDF, Word, Excel or PowerPoint files all conceal certain number of program vulnerabilities,” explains Guy Guzner director of security products at Check Point. “These vulnerabilities are discovered and fixed gradually by their vendors, but in between the patches, hackers take advantage of the existing files’ flaws and insert malicious programs into the defective files that they will then distribute to their selection of recipients as email attachments.”

Tricked by an enticing email (“check out my last pictures!”) the receiver is enticed to open the malicious attachment whose only purpose is to deliver malware and infect his/her machine. If successful, such exploit enables its authors to gain control of the user’s computer, initiate an attack on another machine and start sending out copies of the malware to all email addresses found on the computer.

A large variety of files including Microsoft Word, PowerPoint, Abode PDF, PSP, JPG or video files like Apple QuickTime Player have been affected lately. In Microsoft last October’s Patch Tuesday, out of 34 vulnerabilities revealed, 11 were touching file applications, including image or video formats.  Over 20 Adobe PDF vulnerabilities were reported the same month.