December 31, 2018

Email remains cybercriminals’ attack vector of choice

Considering the security challenges battled in 2018, it’s evident that the majority of attacks we are facing are not new, but many are reused year after year. Older attacks do not go away, but instead, they are reinvented and combined with others to aid their expansion. This makes it more challenging for us to protect against them adequately.

Furthermore, its highlighted that many of the attacks on security that we face daily are delivered or launched by email! Yes, email remains the most attractive attack vector for cybercriminals to get a footing into our organisations and our homes. Our email content, credentials and even entire accounts are stolen or hacked by criminals and used to gain a financial or competitive advantage against organisations or to launch and deliver malicious cyberattacks globally.

Email has had some part to play in the majority of cyberattacks that have inundated individuals and businesses in 2018. In 2019 it’s estimated that prolific cyberattacks will continue to expand and will be more targeted, sophisticated and personalised. We can expect new malware, as it’s created daily (in all its forms), ransomware—especially targeted attacks and sector-specific campaigns, growth in targeted phishing attacks and spear phishing, a boom in cryptomining and cryptocurrency theft (especially since blockchain technologies are becoming more commonplace).

All the while…email continues to be the most attractive attack vector used by cybercriminals

Surprisingly, email is nearing its big 50; email has been around for 47 years! Originally designed to send short messages between two computers; the first email was sent in 1971. With few improvements, 20 years on, email was released to the internet as a way of sending messages with small files. In the 1990s email was embraced on a large scale with the birth of the World Wide Web. In 2018 email continues to be used by everyone–businesses and individuals, for the most basic of communications through to the most sensitive. Email is now an essential part of our personal and working lives!

So, it’s no surprise that this longstanding communication remains an attacker’s favourite vector to get a footing into organisations. No matter the purpose—for malware infection, data theft or financial fraud. As although email is now a universal form of communication, it is also a very vulnerable medium.

Email was designed on a store and forward basis–meaning the file (the email) you create gets copied to the server that then establishes a connection to another server. The email is then copied to the user’s inbox. From a security perspective, the email design model has security challenges. Here are 5…

  1. When you receive an email, you can’t know for sure who sent the email.
  2. You don’t know if someone has opened or changed an email inflight or while stored.
  3. As a sender, you have no certainty that an email was received by the intended recipient.
  4. As a sender, you have no certainty that the recipient is the only one that has accessed the email.
  5. There is no guarantee that the email maintains its integrity resulting in a genuine trust issue.

The reality is that email was not designed for trusted or secure communication and yet all of us use it to exchange sensitive information. Most of us get account credentials via email and account resets as well as use email to send out our CVs, passport scans, spreadsheets, financials and many other sensitive documents and information.

Due to the existing email vulnerabilities, the prevalence of email use in society, the easily achievable success rates of attacks when using email as an attack vector, is leading to more criminals choosing to exploit emails.

It’s pretty much guaranteed that future threats will continue to evolve due to email’s vulnerabilities.

We inadvertently offer a helping hand

Then we add social networking to the mix–like LinkedIn, Facebook, Twitter and Instagram. All quickly becoming the preferred ecosystem for businesses and individuals to express themselves and keep their information out there and relevant for family, friends and colleagues.

These are great platforms that offer so much opportunity, but criminals see the opportunity too! They are exploiting this current and well-maintained stream of information to extract sensitive data to build convincing and sophisticated fraudulent correspondence that they use to deceive individuals into believing their scams; to fall for their trickery. All of which is launched and delivered by email!

Business email attacks have increased exponentially over the years and are embraced by cybercriminals looking to derive massive profits. Criminals can achieve this by using the information that we make publicly available.

Cybercriminals are manipulating us. They are duping targets left, right and centre and often with ease. Having so much of our information at their fingertips makes their task much easier. This together with inherent email vulnerabilities is boosting sophistication levels of attacks.

The results–employees handing over confidential information or transferring funds unknowingly right into criminal’s hands. Companies have lost hundreds of millions through these scams as well as volumes of sensitive data.

The role of email in cyberattacks

When considering the most prevalent attacks of 2018, email’s part is notable. Email is often at the forefront of many cyberattacks; commonly used by attackers to launch their attack. Email is the chosen delivery method for malware and ransomware, phishing and spear phishing attacks, data theft, and even cryptomining and cryptocurrency theft.

Scam emails now look so credible that chances of detection are drastically reduced. Fraudulent emails direct us to do just what the criminals need us to do. They convince us to press on the link to redirect us to a fraudulent site to input the information that they want, or to open an attachment to start a malware or ransomware attack or give them control over or access to our device, computer, system and broader networks, so they can fulfil their intended purpose.

It’s thought that 91% of attacks start with a spear phishing email and result in organisations getting infected with malware and ransomware.

These attacks are now commonly launched from trusted sources-often compromised email accounts. Impersonating key executives (CEO fraud) to get the most financial reward is the approach often used and more often than not results in large sums of money being transferred to fraudulent bank accounts–never to be seen again.

With one simple, sophisticated attack going undetected, multiple attacks can follow leading to data theft, email fraud, malware infection, credential theft and a takeover…the list is endless.

It’s estimated that in 2018 76% of businesses reported being a victim of a phishing attack. Spear phishing, in particular, has caused significant data loss for many businesses due to the seemingly authentic communications used.

As it stands the most expensive component of a cyberattack is data loss–estimated at nearly half of all associated attack costs.

Cryptojacking or cryptomining, a newer malware trend, is an invasive method being used by cybercriminals to bolster profits because of its reduced risk. With the arrival of faster computers and blockchain technologies cybercriminals are using our resources to create cryptocurrencies at our expense. Again…email is one of the avenues that cybercriminals use to launch this attack. Cybercriminals infect our machines with cryptomining malware to steal machine resources and hijack CPU power. Furthermore, Malware files are being tweaked to not only look for traditional financial information but also cryptocurrencies.

It’s no surprise that email has been used throughout 2018 persistently by cybercriminals to launch their attacks and this will continue into 2019 and beyond.

The UK’s National Cyber Security Centre (NCSC) has been tackling more than 550 significant cybersecurity incidents in the past 12 months and has taken down 140,000 fraudulent phishing sites.

It’s estimated that the cost of cybercrime globally could reach an incredible 6 trillion dollars by 2021, with approximately 90% of all businesses becoming a victim of one or other form of cyberattack.

The scary reality is that majority of attacks are launched or delivered by email; a communication form that the whole world embraces on an individual as well as business capacity.

Galaxkey can help

Galaxkey helps to resolve the security weaknesses inherent to the email design model.

Galaxkey is a data protection and management platform that is installed on any device or system so that you can secure and manage your communications and data wherever and whenever you need to.

Galaxkey envelopes the email and its attachments, so with Galaxkey:

  • Only the recipient can access and respond to your email
  • You get notified when the email is opened
  • You have a signed for option so you can validate that the recipient has opened the email
  • You know the email maintains its integrity and can trust it

Galaxkey comprises numerous features, but its simplest and most prolific is to secure email.

Looking ahead to 2019

Ultimately no one exactly knows what the year ahead has in store. However, we can safely assume that cybercriminals will improve their trade and will be more difficult to trace, data breaches will continue to rise and will be more difficult to avoid, blockchain technology will increase in popularity which means related attacks are likely to follow too. We know that data governing laws are and will continue to become more stringent. We can safely assume that email will continue to be used as the leading global form of communication and criminals will continue to exploit its vulnerabilities if we don’t take the necessary steps to avert this.

In 2019 email-related attacks will continue to rise and so should our efforts to enhance the security of our data, our email and our home and business environments.

Leave your comment

Please enter your name.
Please enter comment.