|
The threat of email viruses & trojans
The widespread use of email has provided hackers and crackers with an easy way to distribute harmful content to the internal network. Hackers can easily circumvent the protection offered by a firewall by tunneling through the email protocol, since it does not analyze email content.
CNN reported in January 2004 that the MyDoom virus cost companies about US$250 million in lost productivity and tech support expenses, while NetworkWorld (September 2003) cited studies that placed the cost of fighting Blaster, SoBig.F, Wechia and other email viruses at US$3.5 billion for US companies alone.
Furthermore, email is also used to install trojans, targeted specifically at your organization to obtain confidential information or gain control of your servers. Described as "instructive viruses" or "spy viruses" by computer security experts, these can be potent tools in industrial espionage. A case in point is the email attack on Microsoft's network in October 2000, which a Microsoft Corp. spokesman described as "an act of industrial espionage pure and simple". According to reports, Microsoft's network was hacked by means of a backdoor trojan virus maliciously emailed to a network user.
The threat of information leaks
Organizations often fail to acknowledge that there is a great risk of crucial data being stolen from within the company. Various studies have shown how employees use email to send out confidential corporate information. Be it because they are disgruntled and revengeful, or because they fail to realize the potentially harmful impact of such a practice, employees use email to share sensitive data that was officially intended to remain in-house.
As the 2003 Hutton enquiry in the UK demonstrated, government officials and BBC executives were found to have used email to make disclosures that were confidential. A March 1999 PC Week article referred to a study where, out of the 800 workers surveyed, 21-31% admitted to emailing confidential information - like financial or product data - to recipients outside the company.
The threat of emails containing malicious or offensive content
Emails sent by staff containing racist, sexist or other offensive material can make your company vulnerable from a legal point of view. In September 2003, UK firm Holden Meehan Independent Financial Advisors had to pay a former employee ?10,000 for failing to guard her from email harassment. Chevron notoriously had to pay $2.2 million to four employees after they had allegedly received sexually harassing email. Under British law, employers are held responsible for emails written by employees in the course of their employment, whether or not the employer consented to the mail. The insurance company Norwich Union was asked to pay $450,000 in an out-of-court settlement as a result of emailed comments relating to competition.
Methods used to attack your email system
To get to grips with the kind of email threats present today, it is best to take a quick look at the current main methods of email attack. These include:
Attachments with malicious content
Melissa and LoveLetter were among the first viri to illustrate the problem with email attachments and trust. They made use of the trust that exists between friends or colleagues. Imagine receiving an attachment from a friend who asks you to open it. This is what happened with Melissa, AnnaKournikova, SirCam and other similar email worms. Upon running, such worms usually proceed to send themselves out to email addresses from the victim's address book, previous emails, webpage caches to the local machine and similar methods. Virus writers place much emphasis on getting the victim to run the attachment. Therefore they make use of different attractive attachment names, such as SexPic.cmd and me.pif.
Many users try to avoid infection from email viruses by only double-clicking on files with certain extensions, such as JPG and MPG. However, some viruses, such as the AnnaKournikova worm, make use of multiple extensions to try trick the user into running the file. The AnnaKournikova virus was transmitted via an email attachment named 'AnnaKournikova.jpg.vbs' which dupes recipients toin believing that that they are receiving a harmless JPG image of the famous tennis star, rather than a Visual Basic Script containing infectious code.
|
