Cyber Resilience for Email – Technical Deep Dive

Email. It’s the number-one business application used by organizations. It’s also the number-one method used to execute cyberattacks, enabling malware delivery, phishing, impersonations, and the spread of threats that are already internal to your organization. In fact, 91 percent of all cyberattacks start with an email. And your organization can’t function for long without email. How many hours of email downtime can your organization comfortably live with? If email isn’t accessible due to an adverse incident like malicious intent, human error or technical failure, your organization would likely suffer from reputational damage, internal operational issues, and financial loss.

Meanwhile, the use of Microsoft Office 365 is massive, and adoption is accelerating. As organizations move to a cloud-based email environment, new challenges come along. The concentration of corporate mailboxes, and the complete operational dependency on Microsoft exposes organizations to new risks.

Email is at the intersection of a significant amount of risk for most organizations. If addressing this exposure doesn’t become a priority, successful cyberattacks will continue and data protection and personal privacy will suffer.

Traditional security approaches are no longer enough. Attack methods are quickly evolving and growing more sophisticated, targeted and dangerous. Right now, the industry is faced with email-borne threats such as phishing attacks delivering malicious attachments and URLs; impersonation fraud fueled by social engineering and aimed at tricking employees into behaving badly; and ransomware attacks that can encrypt your data and take entire systems offline.

These are only the types of threats we know about today. What about the future? One example of an emerging attack technique is the use of homoglyph/homograph-based attacks to mask domains, slip by your security controls, and to fake out your users as part of a spear-phishing attack.

It doesn’t stop there. There are more ways to exploit email that haven’t been put into broad practice. Mimecast recently provided an example of a new attack type we named Ropemaker. Fortunately, we have yet to see this attack type in the wild! By using this exploit a malicious actor can change the displayed content of a delivered email at any time, post-delivery. This could mean swapping a benign URL with a malicious one in an email already delivered; turning simple text into a malicious URL; or editing any text in the body of an email, whenever the attacker wants to – and all of this can be done without direct access to an inbox – after delivery. The point is attackers are not standing still and so the defenders must not either!

It’s Time for a New Approach
A defense-only security strategy is not sufficient to protect against this level and volume of advanced email-borne attacks. Continuing to invest in disparate technologies and focusing on a defense-only security strategy will lead to consequences like intellectual property and financial loss, unplanned downtime, decreased productivity and increased vulnerabilities. Legacy technologies can leave holes in your security and force you to chase tomorrow’s attacks with yesterday’s approaches. This also leads to additional cost and the need to find more of the right people to manage a complex security environment. It’s no wonder so many organizations are struggling to keep pace.

The only way to get ahead of cybercriminals and to holistically protect your business is to adopt a new approach to email security. You need a multidimensional approach that brings together threat protection, adaptability, durability and recoverability in a single cloud-based service.

You need to enable these four dimensions to truly provide cyber resilience for your email.

Read the full article here.

Join up to 300 delegates at Europe’s elite cyber security event