Asia's Source for Enterprise Network Knowledge

Sunday, May 26th, 2019

Security

Safeguarding Your Company Against Email Security Failures

Rapid digitalisation has resulted in a surge in both the number of endpoints and the means by which cybercriminals can infiltrate enterprise networks. Around the globe, the total financial damage due to cybercrimes is predicted to reach $8 trillion by 2022, according to Juniper Research. Over the years, Asia Pacific has seen a rise in the scale and volume of cyberattacks, including WannaCry and Petya, resulting in the compromising of data in organisations across all industries.

Singapore, in particular, has found itself fending off cybercriminals from all sides. A data breach in the I-net system of Singapore's Defence Ministry (Mindef) last year led to the personal data of 850 national servicemen and Mindef employees being compromised. Additionally, Petya ransomware, which proliferated through malicious emails with attached Microsoft Office documents, also caused losses in productivity across companies in Singapore last year as these organisations were forced to shut down computers as a deterrence measure.

Email continues its reign as the primary threat vector across the region, as is also the case globally. With the global number of email users expected to reach 2.9 billion in 2019 and daily email traffic predicted to reach 235.6 billion in 2018, it is no wonder that cybercriminals are leveraging this communication channel to get their hands on sensitive data and business information.

State legislation on the national and supranational levels has made organisations more accountable in the case of email security breaches. In Singapore, for instance, organisations now have to adhere to the General Data Protection Regulation (GDPR), which recently came into full force at the end of May, on top of complying with the Personal Data Protection Act (PDPA).

Consequently, it is paramount for companies across Asia Pacific to have innovative email security solutions at hand to safeguard themselves from cyberthreats.

Increasing awareness surrounding phishing emails

Phishing emails account for the majority of cyber attacks. The top 1,000 companies in South East Asia are at risk of losing up to $750 billion due to cyber crimes, according to a report published by A.T. Kearney. Phishing methods have evolved rapidly. Gone are the days of a Nigerian Prince asking for money. Now, impersonation is the go-to method for scammers who urge users to type in their details, password and/or banking information on a very realistic, but fraudulent, website. Microsoft Office 365 was one of the recent victims of such phishing emails: Microsoft Office 365 users who entered their details granted cybercriminals access to all the data and documents stored on their accounts.

Business Email Compromise attacks (BEC), more commonly known as CEO fraud, involve cybercriminals impersonating someone occupying a senior leadership position with the aim of requesting the urgent and immediate transfer of sensitive information or funds. By using purported deadlines or stating looming legal issues, cybercriminals then pressure recipients into acting swiftly.

To appear legitimate, cybercriminals search for public information about the senior manager in question from press releases, company websites, or other disseminated information. In addition, the scammers thoroughly research information about their intended targets, which range from the HR personnel or finance department to the CEO’s executive assistant. The phishing email is then tailored specifically to the company, the senior leader in question and target audience based on the scavenged information.

Malware detection and prevention

With the digitalisation of various business aspects, email has become cybercriminals’ gateway for delivering malicious malware and viruses. One unlucky bank official from India’s Union Bank, for instance, accidentally opened an email enabling cybercriminals to steal $171 million from the bank.

Given how emails have become the day-to-day internal and external communication tool for businesses and individuals, enterprises need to leverage innovative technological solutions to detect malicious attachments before these are even opened by employees.

Cybercriminals’ increasing sophistication – as reflected in recent cyber attacks, including the DNSMessenger attack in 2017 – emphasise the necessity of multi-level virus protection in the new digital world. Sophisticated tools allow the detection and comparison of malware ‘digital fingerprints’ against a database as well as the immediate deletion of infected documents upon the discovery of a match.

Such measures contain the damage and prevent the virus from spreading. Thereafter, IT forensics can detail the point of entry and number of infected computers, and provide action steps for users. This information can then assist in adjusting the virus scanner system for future attacks and sensitising employees.

Combining technology and the human factor in the war against cybercrime

Being proactive against cybercriminals is a vital approach for businesses and enterprises, regardless of their size. While the digital revolution has resulted in the increasing sophistication of attacks, it has also given rise to ‘smart’ and innovative approaches for countering these security threats.

An all-encompassing email security solution filters out phishing emails and actively warns employees that they will be directed to a fraudulent website. The key differentiator separating the real website from the fake one is the incorrect suffix in the URL. Advanced email security solutions provide time-of-click protection, immediately warning employees of the security threat based on a database of known phishing web addresses.

Sandboxing an email attachment is a solution to combat phishing attempts with malicious attachments. While sandboxed, the program examines the dubious attachment in a secure, virtual environment and tests for irregular behaviour. Moreover, using multiple virus scanners employing a heuristic analysis of the attachment will provide additional layers of protection for organisations.

However, all the layers of technological protection and available solutions to quarantine attachments cannot provide protection from the human factor. 91% of all email-related security breaches occur as a result of poor employee practices. With new viruses and malware being developed by the hour, employees need to be educated and trained to be vigilant. A tandem approach, using both innovative systems and trained employees, is the best way to dramatically lower the risk of email security failures.

 

Oliver Prevrhal, Managing Director at Retarus Asia