Entry Door of Cyber Attacks : E-mail Services

A. The situation of email

Email is one of the most critical tools of communication today. It is part of our daily life for all proceedings we do online. It is all-important especially for institutions those make deals online. In addition, many services on the internet, even social networking sites, require e-mail address for the usage of their services. Hence, due to features email has, it has been a tool for malicious people to attack. As it is displayed below, many attacks vectors have been carried out via email services to harass, trouble and disturb people. Therefore, it is important to be aware of anti phishing solutions.[Source: Osterman Research (2016)] phishing solutions Figure 1. Security Incidents of 12 Month [1]
[/caption]When we analyse  Figure 1, most common incidents involved phishing attacks were successful in infiltrating the corporate network with 34 % rate. Successful ransomware attacks has 30 % rate. Malware infiltration through some unknown source 29 % (Osterman Research, 2016). Also, 17% of users declared that sensitive information was either accidentally or maliciously leaked via e-mail. In addition, 14 % of users said that an e-mail spear phishing attack was successful in infecting either one or more supervisors.

B. Phishing Solutions for E-Mail Services

Nowadays, there are many border security components and anti phishing solutions for corporate email security. AntiSpam, Firewall, Intrusion Detection and Prevention Systems (IDS / IPS) as well as Data Leakage Prevention (DLP) systems are essential measures. If the institution is more risk-aware, there is also a zero-day protection product, reputation analysis service, cyber intelligence support.

Well, how much do these systems protect us? Let’s look at the risks that target e-mail services before this question.example corporate network schema for email servers, phishing solutions Picture 1. An example corporate network schema that has security components and anti phishing solutions for email servers[/caption]If one have a chance to have the security products mentioned above, the corporate network will look like Picture 1.

C.Risks targeting email services

In today’s technological surroundings, anti phishing solutions has been one of the main issues being addressed. Because, cyber criminals has the ability to leak into computer systems and servers, stealing sensitive information. No matter how hard the institutions try to fight against these types of security breaches, a hacker is always one step further. However, provided that a company can find out security weaknesses and vulnerabilities before a hacker can, it may acquire a significant opportunity for protection.Email Test Categories, phishing solutions Picture 2. Test Categories Based on Institutions’ Needs[/caption]Sinara Labs gives the occasions to accomplish this process with its test categories. Because, Sinara configured the test categories according to needs of the organisations. Moreover, test categories are entirely depend on the scope of operation. Main test categories are:

  • Data loss prevention,
  • Vulnerability scan,
  • Malicious attachments,
  • Misconfiguration,
  • Client-side attacks,
  • Ransomware samples,
  • File format exploits
  • Threat intelligence

1. Security Weaknesses

The vulnerabilities discovered in email services have the consequences of infiltrating the target system. Also, it  reveals information and make systems inaccessible when attackers abuse these vulnerabilities. Hence, it is necessary to discover these weaknesses caused by the provider’s misconfigurations in the e-mail services.

2. Client-Based Defects

The attack vectors for internet users are increasing day by day. A link in e-mail can put a careless user to great risk. A link containing malicious content can be enough to capture a computer alone. Therefore, e-mail service components’ security must be istensified against such harmful links.

3. Harmful Files

When malicious content in the email attachment reaches the user, it may take over computer as well as the entire network. Hence, anti phishing solutions such as signature-based antivirus software and intuitive analysis services must analyse these files.

4. Ransomware

In the case of infcection,  one must pay a ransom for the all data encrypted. In this sense, it is necessary to tighten the e-mail service as well as wait for the analysis services to bring anti phishing solutions to both detect and prevent specific behaviors for ransomware.

5. Missing Fault Configurations

This is a very common security problem. A poorly configured configuration in the e-mail service can cause serious crisis. Since, it sends email without authentication. For example, an attacker who connects to your email service without authentication, can send a random e-mail to your employees. Especially, an attacker who imitates the CEO may be more likely to succeed.

6. Internet Traffickers Abuse Kit

Emails that contain known vulnerabilities of internet browsers cause identity theft,  both data leakage and access problems. Sometimes a link may contain an abuse piece of code. In this case, the e-mail service and the security components as well as anti phishing solutions must provide defensive measures.

7. End User Awareness Issue

Another crucial point is that attackers who bypass all security precautions, use the unawareness of the end user to attack. Hence, regular training for the awareness of these subject is important. Via phishing tests, exams, questionnaires and games, the awareness levels should be measured periodically.

D.How Can We Test the Security of E-Mail Services?

The risks target e-mail services are familiar. Many people faced some of these risks. Measures to take against these risks may lose their effect over time. New threats may be late for detection. Moreover, one do not have a risk, creates an artificial sense of safety. Without waiting for security risks to arise, one have to be in control of the risks mentioned above. There are two ways:

  1. Penetration Tests: It is possible to get help from experts via this test. However, it can be expensive, only will be a snapshot and can’t be automated.
  2. E-Mail Threat Simulations: These services are more proactive, hosting the attack vectors in themselves and keeping users on real risks regularly. This test methodology performs active and passive tests for many of known threats against to E-Mail server and it’s border protection mechanism

The Email Threat Simulation (ETS) module of Sinara Labs allows companies or individual users to perform active and passive tests for risks. You can start using it by being a member at https://ets.sinaralabs.com

For more information about the ETS module and its use, you may look at the article.

REFERANCES

[1] Osterman Research (2016)