Entry door of cyber attacks : email servicesOrhan Sari
Email is one of the most critical tools of communication today. It is part of our daily life for all proceedings we do online. It is all-important especially for institutions that make deals online. In addition, many services on the internet, even social networking sites, require an email address for the usage of their services. Hence, due to features email has, it has been a tool for malicious people to attack. As it is displayed below, many attacks vectors have been carried out via email services to harass, trouble and disturb people. Therefore, it is important to be aware of anti-phishing solutions.
The most common incidents involved phishing attacks were successful in infiltrating the corporate network with 34 % rate. Successful ransomware attacks have a 30 % rate. Malware infiltration through some unknown source 29 % (Osterman Research, 2016). Also, 17% of users declared that sensitive information was either accidentally or maliciously leaked via e-mail. In addition, 14 % of users said that an e-mail spear phishing attack was successful in infecting either one or more supervisors.
Nowadays, there are many border security components and anti phishing test page solutions for corporate email security. AntiSpam, Firewall, Intrusion Detection and Prevention Systems (IDS / IPS), as well as Data Leakage Prevention (DLP) systems, are essential measures. If the institution is more risk-aware, there is also a zero-day protection product, reputation analysis service, cyber intelligence support (use our anti phishing test page for free)
Well, how much do these systems protect us? Let’s look at the risks that target e-mail services before this question.
Risks targeting email services
In today’s technological surroundings, anti-phishing solutions have been one of the main issues being addressed. Because, cyber criminals have the ability to leak into computer systems and servers, stealing sensitive information. No matter how hard the institutions try to fight against these types of security breaches, a hacker is always one step further. However, provided that a company can find out security weaknesses and vulnerabilities before a hacker can, it may acquire a significant opportunity for protection.
Keepnet Labs gives the occasions to accomplish this process with its test categories. Because Keepnet configured the test categories according to the needs of the organisations. Moreover, test categories entirely depend on the scope of operation. Main test categories are:
- Data loss prevention,
- Vulnerability scan,
- Malicious attachments,
- Client-side attacks,
- Ransomware samples,
- File format exploits
- Threat intelligence
1. Security Weaknesses
The vulnerabilities discovered in email services have the consequences of infiltrating the target system. Also, it reveals information and makes systems inaccessible when attackers abuse these vulnerabilities. Hence, it is necessary to discover these weaknesses caused by the provider’s misconfigurations in the e-mail services.
2. Client-Based Defects
The attack vectors for internet users are increasing day by day. A link in e-mail can put a careless user to great risk. A link containing malicious content can be enough to capture a computer alone. Therefore, e-mail service components’ security must be intensified against such harmful links.
3. Harmful Files
When malicious content in the email attachment reaches the user, it may take over a computer as well as the entire network. Hence, anti phishing solutions such as signature-based antivirus software and intuitive analysis services must analyse these files.
In the case of infection, one must pay a ransom for the all data encrypted. In this sense, it is necessary to tighten the e-mail service as well as wait for the analysis services to bring anti-phishing solutions to both detect and prevent specific behaviours for ransomware.
5. Missing Faulty Configurations
This is a very common security problem. A poorly configured configuration in the e-mail service can cause a serious crisis. Since, it sends email without authentication. For example, an attacker who connects to your email service without authentication, can send a random e-mail to your employees. Especially, an attacker who imitates the CEO may be more likely to succeed.
6. Internet Traffickers Abuse Kit
Emails that contain known vulnerabilities of internet browsers cause identity theft, both data leakage and access problems. Sometimes a link may contain an abuse piece of code. In this case, the e-mail service and the security components as well as anti phishing solutions must provide defensive measures.
7. End User Awareness Issue
Another crucial point is that attackers who bypass all security precautions, use the unawareness of the end user to attack. Hence, regular training for the awareness of these subject is important. Via phishing tests, exams, questionnaires and games, the awareness levels should be measured periodically.
How Can We Test the Security of E-Mail Services?
The risks target e-mail services are familiar. Many people faced some of these risks. Measures to take against these risks may lose their effect over time. New threats may be late for detection. Moreover, one do not have a risk, creates an artificial sense of safety. Without waiting for security risks to arise, one have to be in control of the risks mentioned above. There are two ways:
- Penetration Tests: It is possible to get help from experts via this test. However, it can be expensive, only will be a snapshot and can’t be automated.
- E-Mail Threat Simulations: These services are more proactive, hosting the attack vectors in themselves and keeping users on real risks regularly. This test methodology performs active and passive tests for many of known threats against to Email server and its border protection mechanism
The Email Threat Simulation (ETS) module of Keepnet Labs allows companies or individual users to perform active and passive tests for risks. You can start using it by being a member at https://ets.keepnetlabs.com/
 Osterman Research (2016)