In 2007, 1 in 909 emails contained malware, a sharp decline from 2005, when the figure stood at 1 in 446. While this figure might appear positive, it only serves to highlight that cyber criminals have adopted more sophisticated techniques with which to infiltrate corporate networks. A popular tactic is to spam out emails containing web links to websites hosting malicious code. These emails contain no malware themselves, and so are more likely to bypass perimeter defenses.
Directory harvesting
Hackers use directory harvesting to continually probe an organization’s email server, guessing at email names and formats in order to gather bona fide addresses, which they can either use or sell on to other cyber criminals. The sheer number of server requests – and subsequent non-delivery receipts – can, in extreme cases, cause the server to fail, leaving the organisation without email.
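A directory harvest shows up in mail server logs as one source being refused for many different non-existent recipients in a short time. The sketch below is an added example, not part of the original article: the log lines are constructed in the style of Postfix `smtpd` reject entries, and the ISO timestamps, the 60-second window and the threshold of 4 are assumptions to tune for a real server.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

def _line(ts, ip, rcpt):
    # Builds one constructed "user unknown" rejection line (sample data, not a real log).
    return (f"2024-05-01T{ts} mx1 postfix/smtpd[411]: NOQUEUE: reject: RCPT from "
            f"unknown[{ip}]: 550 5.1.1 <{rcpt}@example.com>: Recipient address "
            "rejected: User unknown in local recipient table")

SAMPLE_LOG = "\n".join(
    # One source guessing name formats for the same person within seconds.
    [_line(f"10:00:0{i + 1}", "203.0.113.7", name) for i, name in
     enumerate(["jsmith", "john.smith", "j.smith", "smithj", "johns"])]
    # A misconfigured sender retrying a single dead alias: noisy, but not harvesting.
    + [_line(f"10:05:0{i}", "192.0.2.50", "old.alias") for i in range(4)]
    # Two unrelated typos half an hour apart from a normal correspondent.
    + [_line("10:00:05", "198.51.100.20", "sales.team"),
       _line("10:30:00", "198.51.100.20", "acounts"),
       "2024-05-01T10:31:00 mx1 postfix/smtpd[411]: connect from mail[198.51.100.20]"]
)

REJECT = re.compile(
    r"^(?P<ts>\S+) .*reject: RCPT from \S*\[(?P<ip>[^\]]+)\]: 550 5\.1\.1 "
    r"<(?P<rcpt>[^>]+)>: Recipient address rejected: User unknown")

def find_harvesters(log_text, window=timedelta(seconds=60), threshold=4):
    """Map each flagged source IP to the most distinct unknown recipients
    it probed inside any one window. Expects lines in chronological order."""
    recent = defaultdict(deque)          # ip -> deque of (timestamp, recipient)
    flagged = {}
    for line in log_text.splitlines():
        m = REJECT.match(line)
        if not m:
            continue                     # ignore accepted mail and other events
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append((ts, m["rcpt"].lower()))
        while ts - q[0][0] > window:     # drop rejections older than the window
            q.popleft()
        distinct = len({rcpt for _, rcpt in q})
        if distinct >= threshold:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), distinct)
    return flagged

if __name__ == "__main__":
    print(find_harvesters(SAMPLE_LOG))
```

Counting distinct recipients rather than raw rejections keeps a sender that retries one stale address from being flagged alongside a genuine harvesting source.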
Inappropriate content
Most organisations accept the occasional use of their email systems for personal reasons. However, there is a risk that personal emails can harm the organization’s reputation if an employee is receiving pornographic or violent content. Incoming personal emails can also add extra strain to the network, especially if they contain large music, gaming or video files. Potentially unwanted applications (PUAs), such as remote access tools and automatic dialers, can also be difficult to manage and drain network resources.
Few organisations will allow pornography or other offensive content to be sent from their networks, but the threat can come from a more innocent source. Family photos and videos, links to non-business web sites and other personal content consume bandwidth and can negatively affect the image of the company if sent to unintended recipients.
Data leakage
Email is the number one source of leaked business information, and these leaks are usually accidental. For example, many email clients use an auto-complete feature when typing names in the To field, to help reduce the amount of typing. However, this feature makes it easy to inadvertently add an unintended recipient. Research shows that half of employees have sent an email containing embarrassing or sensitive information to people by mistake.
Why spam works
Millions of messages can be sent out in seconds through compromised computers. Unlike physical mail, it costs virtually nothing to send spam. In February 2007, 5 percent of computer users admitted to buying goods sold via spam and by November 2007 this had risen to 11 percent.
Vulnerable information in a company includes personally identifiable information (PII), financial statements, trade secrets, customer lists and business plans.
Botnets
Hijacked computers can become part of a botnet and, unknown to their owner, launch malware, spam or distributed denial of service (DDoS) attacks. Botnets will impact on network processing speeds and damage reputations, as offending messages will appear to come from a legitimate source. In extreme cases, an organisation can find its domains and/or IP ranges are blocked by service providers and other institutions.
The internal threat
Many of the outbound and inbound threats are also found in internal email. Data leakage between departments, the circulation of inappropriate content and the distribution of non-essential applications all put email infrastructures at unnecessary risk. In addition, the rise of regulatory compliance governing the security, storage and retrieval of information also has a direct impact on email use.
With email often acting as the “corporate memory”, businesses must adopt strategies that keep information safe and easy to locate. Under many countries’ laws, organisations are obliged to keep all recorded communications, including email. If they are later required in court, the absence of archived emails will be regarded as negligent.