When it comes to cyber security, phishing emails are perhaps the single most out-of-control and effective method of attack we face today. All the attacker needs to do is convince the recipient to make a couple of clicks and they are in. A staggering 72% of cyber security attacks begin with a phishing email. Many have asked me, personally and professionally, whether there is a simple solution. The answer is YES, but it isn’t what you might think…
In the current trend of phishing there are three basic types of attack. Impersonation, or business email compromise, is perhaps the most critical and most difficult type of phishing attack to detect. The other two types are malicious web links and malicious attachments. The good news is that, for these two types, there are excellent web filtering appliances and endpoint protection solutions that can mitigate the attacks. Impersonation is by far the main challenge to contend with. Impersonation emails are targeted, and are specifically designed to impersonate key figures in an organization, leveraging social engineering and clever disguise. The current method of mitigation is security awareness training, and the headlines tell us that it is simply not working.
So here is the problem: even with filtering and endpoint security, there is no technological security layer for impersonation attacks by email. Traditional email was never designed to truly authenticate the sender’s identity, even with the addition of certificates. There are efforts underway, like DMARC, to authenticate domains, but they lack the granularity to authenticate the user and do not address major issues such as spoofing, look-alike/cousin domain usage, or disposable email accounts like Gmail. Attackers are getting so good that even state-of-the-art machine learning analysis is generating many false positives. As the technology changes to prevent the attacks, the attackers eventually adjust and continue to press on with their spoofing or impersonation of people in email.
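A small added check, written here as an illustration and not taken from this page or from GoldKey, shows the DMARC gap described above: the verdict is read from the Authentication-Results header exactly as the receiving MTA recorded it, and a DMARC pass on a look-alike or free webmail domain still says nothing about whether the display name is really the executive it claims to be, so that has to be caught separately. The organisation domain, executive list, free webmail list and sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed assumptions (not from the page): the organisation's own domain,
# executives an attacker is likely to impersonate, and common free webmail domains.
OWN_DOMAIN = "example.com"
EXECUTIVES = {"jane doe"}
FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com"}

def edit_distance(a, b):
    """Plain Levenshtein distance, used to spot cousin domains such as examp1e.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def dmarc_verdict(msg):
    """Read the dmarc= result the receiving MTA wrote into Authentication-Results."""
    m = re.search(r"\bdmarc=(\w+)", msg.get("Authentication-Results", ""))
    return m.group(1).lower() if m else "none"

def assess(raw_message):
    """Return (dmarc_verdict, findings) for one RFC 5322 message as text."""
    msg = message_from_string(raw_message)
    display_name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower()
    verdict = dmarc_verdict(msg)
    findings = []
    if domain == OWN_DOMAIN and verdict != "pass":
        findings.append("direct spoof of own domain, DMARC not passed")
    if domain != OWN_DOMAIN:
        # DMARC cannot help here: the attacker controls the sending domain.
        if display_name.lower() in EXECUTIVES:
            findings.append("display name impersonates an executive")
        if domain in FREEMAIL:
            findings.append("free webmail sender")
        elif edit_distance(domain, OWN_DOMAIN) <= 2:
            findings.append("look-alike domain")
    return verdict, findings

# Constructed sample: DMARC passes because the attacker owns examp1e.com, so the
# pass alone would let a fake "Jane Doe" through; the extra checks flag it.
COUSIN = ("Authentication-Results: mx.example.com; dmarc=pass header.from=examp1e.com\n"
          "From: Jane Doe <jane.doe@examp1e.com>\nSubject: urgent wire\n\nPlease pay today.\n")
```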
So what is the solution? The solution is to provide secure email with user authentication integrated at the DNA level. The problem needs to be solved from the inside out, not the outside in. The only way to truly combat phishing is to authenticate the user’s identity and eliminate anonymity. To do that, the sender must authenticate to the system, and the system must authenticate to the user. This ensures not only the identity of the user but also that they are connected to the right service, with no man in the middle. Authenticated email, along with endpoint protection, content filtering and spam filtering, is the key to successfully mitigating phishing attacks.
So what does that mean? It means we can make this so simple that a non-technical user with very little training can look at an email and identify whether or not it can be trusted. Not through a detailed security awareness inspection, but with a simple visual indicator. Many enterprises are looking to cloud email providers to offer this secure service. They want to leverage the cloud infrastructure and adaptive security architecture. To these I would say, check out GoldKey Secure Email.