Taking the stage at LegalEx 2021 was Advanced UK’s Joe Gallagher. Joe delivered an insightful lecture on how UK law firms can benefit from digital transformation, and the opportunity to maximise a firm’s profitability based on a 1% increase in productivity by fee earners.
At the end of 2021, Gartner reiterated that the top concern of boardrooms globally is cybersecurity. With the invasion of the Ukraine by Russia, and the waves of sanctions which have followed, it’s fair to say that there is an absolute urgency to securing corporate networks.
The Kremlin continues to suggest that retaliation may be directed at the United Kingdom, and our banking, health, and infrastructure networks are warned to be on their highest alert for waves of cyberattacks.
Individual businesses are at equal risk. By targeting even small businesses and members of the public, criminal gangs are more likely to be able to be able to penetrate the larger organisations which are better protected. After all, who doesn’t access their personal email while at the office?
Email Security Statistics 2022
According to MimeCast, over the past year a staggering 96 percent of organisations were targeted by an email-related phishing attempt. More worryingly, 75 percent of organisations globally were attacked by ransomware. Of those successfully penetrated, 64 percent paid the ransom, and yet 40 percent never succeeded in unlocking their data.
What is the Risk of Email Phishing?
Phishing is the use of emails designed to trick users into revealing personal data or to follow a link which fools them into installing malware. At a business level, such tricks enable hackers to gain access to your organisation’s network.
Not all such cyberattacks are purely vindictive, insofar as some are designed to load cryptocurrency mining software onto your servers. However, such incidents can cause severe degradation to your network rendering it almost unusable.
There are four primary objectives of phishing, including:
The most ubiquitous form of phishing is the type of email designed to trick users into revealing their usernames and passwords, bank details, or similar personal data. The criminals use these data to make fraudulent payments, or to access further services to which you have access.
Unfortunately, most victims don’t realise they’ve been tricked until it’s too late. It might be personal banking details, or access to critical software systems upon which the business relies.
So common is the ruse of deceiving members of an organisation that a fraudulent communication is from a senior officer, that this style of phishing has been named as Business Email Compromise (BEC).
Such impersonation tricks the recipient into believing that a senior manager has sent the email, instructing them to make a payment, authorise an invoice, or otherwise place an order for goods or services. The most effective such scams are for seemingly trivial purchases and, as such, they tend to remain unchecked for months or even years.
The pressure of work fools many users into opening following a link to a website which is anything but what it seems. If the email appears to be from a known contact, and it’s a link to meeting request, it’s all too easy to be fooled.
Once connected to the scam site, the cyber criminal’s code attempts to download a file which can be exploited on demand. Trojans are used to install so-called key loggers which record all of the user’s keystrokes (revealing login credentials, for example), or they can be used as the onboarding tool for the installation of ransomware software.
Without a doubt, it’s ransomware which strikes fear into every IT Director or CISO. Ransomware encrypts files across the network, and it spreads incredible fast, leaving a trail of destruction. Only the most attentive system administrators can hope to shut down all systems before the damage is irreparable.
With your data held hostage pending payment through cryptocurrency, the additional risk is that payment doesn’t assure the attacker will offer the codes to disable the virus. In fact, 40 percent of victims lose all data created since their last functional backup.
Planning for Email Security
Today’s email threats move quickly, and dangerous attachments increasingly resemble conventional data. Growing enterprises require predictive email security to combat today’s dangers while also planning for the future.
To protect enterprises from email-borne dangers and data leaks, it’s essential to scan both internal emails as well as inbound and outgoing email traffic. Enterprises require spam filtering as well as spam protection against advanced threats such as phishing, “malspam”, business email compromise, and account takeover. Implemented correctly, you can prevent at least 99.9% of phishing and spam attacks!
To scan all links and documents, you require a platform which uses its own email sandboxing tools. These work by processing emails in a secure environment, scanning all links and documents for active code and evasive behaviour in real time. This keeps users from clicking on unsafe links or downloading and opening harmful files.
You need configurations which are simple and quick to use, whether you are deploying on-premise or in the cloud. Interestingly, the current opinion is that cloud instances are the most secure when they use private cloud installations since there are then no shared environments or certifications to be concerned about.
10 Critical Email Security Features
In preparing this article, we considered the range of features which define the optimum level of network protection from the various email threat vectors.
You must be able to identify and block imposters, as well as prevent others from impersonating you, using software. To prevent spoofing, you need to be able to examine a combination of SPF, DKIM, and DMARC authentication approaches as well as email headers. Check that you can generate DKIM keys immediately to use with your own domain for increased security or DMARC compliance.
PROTECTION AGAINST MALICIOUS FILES
Zero-Day Attacks are prevalent, and anti-virus engines cannot be relied on to protect against them. They rely on out-of-date definitions and revisions that may arrive too late. Your email protection suite should have sandbox protection to prevent new malware from infecting users. For example, all documents, including PDFs, should be examined, neutralised or banned.
PROTECTION AGAINST MALICIOUS URLS
Because phishing emails exploit people, not systems, your users are drawn to webpages which request personal information. The best email protection platforms offer protection against malicious URLs at the moment the user clicks on them. at the point of click. The upshot is that users are unable to click through to malicious links.
BEC AND IMPERSONATION ATTACKS PROTECTION
Business Email Compromise is estimated to cost US$2 billion annually, and the attacks are increasing. By targeting the highest echelons of an organisation, it’s all too easy for employees to believe they are merely following instructions.
There’s even a term called “Whaling”, in other words, targeting the biggest fish in the organisation. Email protection software to counter BEC phishing requires sophisticated algorithms to protect users from impersonation attacks.
Reaction Speed is critical
As noted above, and most especially in respect of ransomware, it’s the speed of your response which delivers the ultimate protection. The best phishing protection software uses advanced algorithms to inspect the email’s headers for unusual patterns, and it’s essential to ensure your security information management (SIM) and security event management (SEM) – SIEM – systems are integrated. There is an absolute need to access real-time data of security alerts reported by your other software systems as well as those triggers reported by hardware.
Single threat analysis dashboard
Look for anti-phishing platforms offer a comprehensive dashboard. Your security team need an easy-to-use interface through which they can see the pattern of email attacks. Optimally, such a dashboard should provide real-world, real-time data on similar organisations so you can be alerted to unusual activity instantly.
Email phishing threat management is a key feature in establishing your protection. Often referred to as “Threat Remediation”, the principle is to enable the centralised retraction and deletion of a compromised email before the user has even seen it.
Encrypted email is best
Emails have never been secure, and it’s bewildering to realise that every communication can bounce around the world before arriving with the designated recipient. The risk of an email being intercepted is very high!
By encrypting your emails end-to-end, that is from sender to receiver, you are creating a level of trust between both parties. Obviously, you need to share your decryption code with the specified recipient.
Have you paused to consider the impact of losing access to your corporate email systems? Most businesses rely on either Google or Microsoft 365, and yet both are vulnerable to outages. It makes the best sense to have a fallback inbuilt within your email protection suite to ensure that reading and replying can always be assured even when your primary service is offline. It’s a business continuity imperative!
Managing mobile email
Almost everyone in business accesses their email through their mobile devices, and smart phones are any but smart, so don’t accept a system to protect your email which fails to include protection for all popular phone operating systems.
Email Security Next Steps
At Advanced UK, we believe that email security is overlooked far too often. Every business, large and small, should be aware of the extreme risks facing us all. We have built up our IT security portfolio to one which spans all stages of document creation and distribution. Whether it’s secure print, encrypted 2FA fax or email, or world-leading email cybersecurity protection systems for corporate email, we have the optimum solution.
Reading Time: 6 minutes