So far in our series we've talking about ransomware, threat vectors, and the technologies that we use to protect you. Now let's take a look at email and why it's the biggest and most exploited threat vector of all.
The weakest point of security in any organization is the users, either due to a lack of awareness or security fatigue. Attackers know this, and they target users through email because with a working email address, a malicious but well-crafted attack could easily get in front of a vulnerable employee. Attackers are also very determined, so they will continue to pursue a target-rich environment until they find a gap in defenses. A recent Consumer Affairs article reports that as many as one-third of AV scanners failed to find malware samples in a two month test. That's why attackers keep trying, even when they know a company has anti-virus protection in place.
What could happen if spam gets through to the mailbox? Here are a few scenarios:
It can eat up your resources: If you are pulling email into your message server, spam chews up resources that should go to other things. A massive spam attack can slow or even freeze a spam filter or an email server. Barracuda, like many security companies, offers cloud-based protection so that these messages are stopped before they ever get to your organization. This frees up your infrastructure resources and lowers the risk that an attack will get through.
A successful spam attack can make your network part of a botnet — a network of compromised computers that can be controlled remotely by an attacker. These botnets can then be used to launch attacks against other networks. These could be DDoS attacks, spam attacks, or something else. Regardless of the type of attack launched by the botnet, your network would be used in criminal activity. Even if you don't notice that your bandwidth and other resources are being used in the attack, your IP addresses may be blacklisted due to this activity.
Targeted phishing attacks are becoming more common, which means that an email written for a specific victim can trick that recipient into doing something like sending money or giving away sensitive information. These emails impersonate an officer of a company or a trusted site like a bank, and they resemble legitimate messages well enough to get through defenses. Once they arrive in an inbox, only user awareness can stop the threat.
A successful spam attack could subject you to these and a number of other scenarios.
In order to stop attackers adept at evading our basic techniques we are deploying the power of deep machine learning systems, multilevel intent analysis, and several other advanced technologies that we discussed earlier. You can learn more about our email security solutions at the following sites:
If you'd like to know more about defending yourself from ransomware and other threats, visit these resources:
- NoMoreRansom project
- The evolution of ransomware
- Microsoft Malware Protection Center
- Ransomware blog posts
In our next post we will talk about the web threat vector.
To view all posts in this series, click here.