It’s been 38 years since the invention of email and today, it is still the number one communication tool in and out of enterprises. While technology, hardware, infrastructure and the internet itself evolved tremendously in the past almost 4 decades, email is the spoiled child of the family that declines to grow up.
Unfortunately, email is also one of the most used attack vectors when it comes to targeted attacks or the initial phase of an APT. Even though content filters are doing a great job and we don’t see as much spam as we used to let's say 10 years ago, in fact, 80% of all global email is still spam. The fact that we don’t see it doesn’t mean that it doesn’t exist. Just check your Spam or Junk folder.
One possible approach is for enterprises to move away from email and start using other collaboration tools. I have personally experimented with such tools and they work great.
Change is difficult and costly, but migrating away from email will bring a lot of benefits. This change is on its way but in the meantime, consider taking a few steps to protect your data.
Most APT attacks that we’ve analyzed in the past 6 years started with a single email attachment. In some cases, the content filtering solution used correctly tagged that email as spam, but since the biggest threat always lies in-between the keyboard and the chair, some opened the infected attachments even though the e-mails had already been classified as Spam. Analyzing the attachments' behavior in a virtualized sandbox prior to delivery to the recipient can decrease this risk by a lot.
While all these steps are useful to block or complicate attacks, you should also consider the (hopefully hypothetical) malicious insider as a threat and implement egress filtering for email, especially for email attachments. Harmonizing this requirement with an “encrypt everything at all times” policy is left as an exercise for the enterprising CI(S)O.
Bogdan Dumitru, Bitdefender's CTO, spent the past 15 years building the core technologies of one of the world’s most advanced security suite. Throughout his career at Bitdefender, he co-authored several patents and built innovative technologies that now form the cornerstone of a product protecting more than 500 million users worldwide. He is also an advisor and angel investor in Romanian technology startups.View all posts
June 02, 2023
Don’t miss out on exclusive content and exciting announcements!