14 May 2016
Many companies and organizations allow their employees the use of web mailers for staying connected, and, to some extent, for doing private business. This makes sense because the use of company accounts for private purposes poses more risk to the company.
The use of web mailers becomes a problem as soon as company resources are used, i.e. attachments are downloaded to a computer on the organizations network and opened for further processing.
Under normal conditions, when the connection with the web mail provider is encrypted, the anti-malware solution on the web-proxy has trouble analyzing the attachments in the data stream. Technical solutions for breaking up SSL secured communication are available, however they are not widely used, or just too expensive, or cannot be enforced due to legal or privacy constraints.
With this, the endpoint protection solution must solely deal with the malicious attachment. And this is not very effective, in particular in the case of zero-day malware.
But the main problem are the web mail providers themselves. Every day millions of emails with malicious attachments are routed by few mail providers through the internet. With an improved examination during posting and forwarding the email providers should be able to reduce the number of emails with malicious attachments dramatically. This will lead to massive increase in overall cyber security, to savings in the costs for the defense of cyber-crime and in the costs for the recovery from cyber-attacks.
Much can be done by the handful of companies that provide the majority of products and services that comprise the Internet and computer-operating systems, through more focused nudging and guidance from government.
Law and policymakers have shied away from tackling the root causes and key enablers of cyber crime and conflict.
Have a good weekend, and enjoy Denise’s report.