Canada Chapter

  • Private Community
 View Only
Back to discussions
Expand all | Collapse all

EMAIL -The underestimated Threat Payload point of compromise (Cybersecurity Awareness Month Oct, 2022)

  • 1.  EMAIL -The underestimated Threat Payload point of compromise (Cybersecurity Awareness Month Oct, 2022)

    Posted Oct 28, 2022 10:35:00 AM

    As we conclude the celebration of Cybersecurity Awareness Month this October, it is important to understand our Ultimate goal as security professionals is to Protect Processes, People, and Infrastructure from disruption, disabling, destruction, and system manipulation control thus optimizing effectiveness and resiliency while building a stable secure socioeconomic environment supply-chain for people and businesses to thrive on the Cloud (Online).

    Email as a Threat payload #CybersecurityAwarness month

    Cybersecurity Infrastructure Security Agency defined a threat as any vector that disrupts, destroys, or distorts the resiliency of operational technology in an organization network. The adoption of Email as a reliable means of communication has proven to be buoyant as it emerges as one of the most widely used methods of communication across all sectors such as finance, Healthcare, tech, media, oil & gas, utility, sales, etc. The Email system was introduced in the late 70s and has been around ever since, significantly scaling through the risks of consumer democracy that is driven by innovation. Email trustworthiness has been severely impacted by the rise of threat actors who consistently use email various mediums as a transit to deliver malicious line of code content or embed attachments to victims' systems. based on (EO14028)White house Executive Order on Improving the Nation's Cybersecurity.

    TOP 5 Email Service Providers

    EMAIL FACTS & STATS

    • The email market size is estimated to reach $73 billion by 2023 (HubSpot, Statista 2022)
    • There are 4 billion daily email users (Hubspot 2022)
    • 333 billion emails are sent and received each day in 2022 (Oberlo, Statista 2022)
    • 32 percent of breaches involve phishing attacks (CISA Counter-Phishing)
    • 78 percent of cyber-espionage incidents are enabled by phishing. (CISA Counter-Phishing 2022)
    •  48% increase in cyberattack attempts targeting email accounts Q1-Q2 of 2022 (Security Magazine 2022)
    • An estimated 40% of ransomware attacks start through email (Gartner 2022)
    • 30% of phishing email messages are opened (Clearedin)
    "It is impossible to believe that a click from an email is capable of maliciously weaponizing and disrupting various components of victims' host systems.


    cybercriminals often Use email to attract users to click on malicious links or attachments.

    Threat Associated with Email

    According to the National Security Agency, email delivery medium has been an effective way to deliver a stream of threats as victims are coaxed into clicking on malicious email links or attachments usually aimed at stealing victim and financial information, and sometimes infecting user IoT devices with viruses or malware.

    Email remains an integral part of business, as well as means through which content is distributed, about 70% of world-class and 30% of small organizations, communicate via email either on a private network or public distributed cloud mail service, hence email database may contain an off-trail map route direction to the Crown jewel or Critical asset once compromised.

    Phishing is one of the most common threats associated with email messaging, threat actors have different motives for carrying out this attack, they retrieve sensitive information by deploying malicious software embedded via sent email, some various types of phishing include Clone phishing, spear phishing, Social Engineering, Link Manipulation, Voice vishing Phishing.

    The Below image shows a real-life example of Phishing Voicemail Emails

    Sample of the Phishing Email (CSA 22-001: Phishing Voicemail Emails)

    Others include Malware, Email spoofing, Ransomware, Account takeover, Email interception, Unsolicited Bulk Email (UBE) aka Spam, Whaling etc.

    Encryption of emails may be a good security practice, but its limited free open-source capabilities might only protect data from being readable. It is agreeable and logical that cybercriminals would use a mechanism that seems formal and unsuspicious to carry out the transmission of fake sensitive information while hiding behind the smoking screen to deploy malicious elements, furthermore the over-dependability of software security-based applications for protection against threats related to emails has been underestimated and overlooked, Nevertheless, the all green all clear signal indicated by software for email protection against phishing, malware, virus, etc can be ineffective most of the time as sophistication in adaptable threat persist evading security.

    Detect Suspicious Email 

    • Check major Errors in key sections such as Header, Body, signature etc
    • Use open source platform to search and verify sender's key information
    • Zero Trust always use trusted security software
    • Empty your SPAM mail "delete forever"
    • Delete read logs of old messages

    Email Security Recommendations

    The delivery of malware, unsecure code, Trojans, worms, and other cyber threats to militants are easily transportable via the email addressing system used in exchange. Implementation of Email security should be automated considering the probability of human error factors and limited capabilities to monitor multiple emails, while totally not overlooking the traditional email security measures as both security strategies work hand in hand just like the blue and red teams to strategically and tactically enhance email security;

    • Prioritize email security
    • Block certain file extensions
    • verify and validate the sender's address
    • Encrypt important messages before sending
    • Deploy phishing intelligence software on the device
    • Do not click links or attachments from an unverified or unknown sender
    • Use a trusted email service provider or platform
    • Enable multifactor Authentication for user email account
    • Enable Spam filter
    • Use Secure email gateway
    • Employee Training and awareness

    TECHNICAL Advisory

    • Use DNS filtering to block
    • Use email security application to detect malicious email attachments
    • NIST 800-177 (guidelines for enhancing trust in email)
    • NIST SP 800-45 (Guidelines on Electronic Mail Security)
    • CAPACITY ENHANCEMENT GUIDE Counter-Phishing Recommendations for Federal Agencies by CISA
    • Adopt global Security Standards guildlines such as (EU, NIST, CISA, ENIS, ISO )

    Compromised Email mitigation Strategy

    • Delete Disconnect and isolate
    • Report incident
    • Call a Cybersecurity Doctor! lol

    Thanks for Reading HAPPY CYBERSECURITY AWARENESS MONTH!!

    We stand and pray for the People of Ukraine, Tigray, and other conflict-torn areas RIP Mahsa Amini - Peace&Love "Dialogue & Democracy "

    Congratulations to you on your re-election @John Tory as Mayor of Toronto whom I met while working "He is always Actively on the fields" in 2019

    and to You and your Family on yet another impactful achievement to serve the people, Mr. Kelechi Madu KC a Big Congratulations to you on your new position as Deputy Premier Minister of Skilled Trades & Proffessions at Government of Alberta.

    Special Thanks to Cloud Security Alliance Chapter Toronto, Canada Community for the shared resources.

    www.linkedin.com/pulse/email-the-underestimated-threat-payload-point-month-oct-olugbenga/?trackingId=Ni4k0yBiSO66eDu2XM3fbQ%3D%3D

    Email as a Threat payload #CybersecurityAwarness month


    Regards,



    ------------------------------
    David Olugbenga
    Cybersecurity Analyst
    Cybersine
    ------------------------------