Ransomware surged last year, with over 6 million attacks, and one of the most popular ways to spread ransomware is through email, as eWeek explained:
Many attackers deliver a convincing ploy to their targets via email, providing a web link for more details that, when clicked, takes the viewer to a malicious website that downloads ransomware and locks the computer until the ransom is paid.
Obviously, ransomware is just one type of threat we see in email. Yet, I think we tend to underestimate how many of our security threats have a direct email connection. New research from Forrester Research and Mimecast looked at the significant risk organizations face from insider threats that leverage email. These threats range from the accidental, like sharing an email with sensitive data with the wrong person, to the malicious insider using email to specifically exploit the company.
Even though millennials shun email for other, more immediate, forms of communication, in the workplace, email is vital for everyday business operations. It’s how we interact with co-workers, customers, and the world at large. It’s also the front line for security vulnerabilities that can seriously damage the business. For example, the study found that 40 percent of respondents experienced business email compromise/impersonation leading to fraud, credential theft or data loss, and 64 percent said that there was at least moderate financial damage caused by either non-malicious or malicious insider behavior involving compromised accounts. In addition to the financial damages, these companies are also seeing a huge loss in production due to insider threats involving email.
The study did add that organizations are at least more aware of the insider threat posed by email and more are now turning to improved network monitoring and secure email gateways. In fact, two-thirds of respondents said they are using the gateways to keep email secure.
If your company’s problem is insiders who are sharing information with the wrong people, Kevin Beaver provided some advice in a Search Security article:
An effective way to catch sensitive information leaving the network is to set up a network analyzer and filter keywords, specific attachments, etc. You can also utilize client or server-based content filtering to catch and block sensitive information going out. However, perimeter-based or outsourced messaging security solutions offer content filtering and blocking that is much easier to manage.
So much emphasis in security approaches is on what the outsiders are doing – how are hackers getting in, cybercriminals using more sophisticated schemes – but we can’t take our eye away from the role insiders play. Email is an essential tool (and for some of us a business lifeline), but it can also be extremely destructive if we aren’t paying attention to what our employees are doing.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba