If it wasn’t for Email …

The application that made the Internet is also its weakest link … the humble electronic mail. Even with the rise of Slack and Teams, we are still stuck with our old memo-based approach to messaging, and it is often still the key foundation element of our business (and social) world. And it's as weak now as it was when it was first created. Okay, we've added a secure tunnel for its transmission, but all we have between us and our messages is often a simple username and password. We can have an extremely long and complex password, but if we are tricked into giving it away, its security strength vanishes to zero!

Trend Micro has now published its Cloud App Security Threat Report for 2021, which highlights the threats that email poses [here]. In the report, they identify that email was responsible for nearly three-quarters of the malware infections that were blocked in 2021.

As shown in Figure 2, they detect a rise of 101% in email threats, a 15.2% rise in credential phishing attempts, and a small decrease in BEC (business email compromise).

Figure 1:

In malware detection, there was a 196% rise between 2020 and 2021. This included the Emotet threat [here], which used hexadecimal and octal representations of IP addresses in order to deliver a range of malware programs, including TrickBot and Cobalt Strike.
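A detection-side sketch of the hexadecimal and octal IP address encoding mentioned above. This is an added example, not code from the Trend Micro report or from the author. It assumes the host part of a URL is interpreted with the classic `inet_aton` rules; the function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
PART_RE = re.compile(r"0x[0-9a-f]+|[0-9]+")

def _part(text):
    """Parse one host component as inet_aton does: 0x.. hex, 0.. octal, else decimal."""
    if not PART_RE.fullmatch(text):
        raise ValueError(text)
    if text.startswith("0x"):
        return int(text, 16), "hex"
    if len(text) > 1 and text.startswith("0"):
        return int(text, 8), "octal"      # raises ValueError for digits 8 or 9
    return int(text, 10), "decimal"

def decode_host(host):
    """Return (dotted_quad, encodings) when host is a numeric IPv4 form, else None."""
    parts = host.lower().split(".")
    if len(parts) > 4:
        return None
    try:
        parsed = [_part(p) for p in parts]
    except ValueError:
        return None
    values = [v for v, _ in parsed]
    # Leading parts are single bytes; the last part fills all remaining bytes.
    if any(v > 0xFF for v in values[:-1]) or values[-1] >= 256 ** (5 - len(parts)):
        return None
    addr = values[-1]
    for i, v in enumerate(values[:-1]):
        addr |= v << (8 * (3 - i))
    dotted = ".".join(str((addr >> s) & 0xFF) for s in (24, 16, 8, 0))
    return dotted, {enc for _, enc in parsed}

def find_encoded_ips(text):
    """List (url, decoded_ip, encodings) for URLs whose host hides an IPv4 in hex/octal."""
    hits = []
    for url in URL_RE.findall(text):
        try:
            host = urlsplit(url).hostname or ""
        except ValueError:                # malformed bracketed host
            continue
        decoded = decode_host(host)
        if decoded and decoded[1] & {"hex", "octal"}:
            hits.append((url, decoded[0], sorted(decoded[1])))
    return hits

# Constructed sample lines using documentation address ranges (not from the report).
SAMPLE = ("GET http://0xc0000201/a/b.bin\nGET http://0306.063.0144.07/c.dll\n"
          "GET http://192.0.2.10/index.html\nGET https://example.com/0x41/page\n")
```

Running `find_encoded_ips` over proxy logs or extracted email links flags hosts that a dotted-decimal blocklist match would miss, and the decoded address can then be checked against existing indicators.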

The increasing use of spear phishing and stolen credentials was also highlighted by a recent Verizon report, which identified that these were responsible for around 75% of all first attack vectors into systems (Figure 2). After the initial intrusion, Verizon identified that it was often malware that was responsible for the middle and end elements of an intrusion (Figure 3).

Figure 2: The main vectors of initial compromise
Figure 3: Beginning, middle and end of a data breach

One good sign is that the number of ransomware detections fell by 43.4% between 2020 and 2021. This is likely to be because ransomware is so much more targeted these days, typically against high-value targets (rather than the initial phishing targets of the first wave of ransomware). It is also often used as an attack tool after the initial infection through spear-phishing or credential-stealing. There are also improved tools for detecting ransomware attacks that arrive through spamming activities.

Overall, Trend Micro saw a massive increase in phishing attacks, with 137% growth between 2020 and 2021, and a 596% (x6) increase in spamming attempts. These increases are likely to be due to the ever-increasing rise of data-harvesting bots, which continually probe systems for interesting information.

With the pandemic, Trend Micro reports a rise in Covid-19 related phishing emails, especially ones where users could book test kits and test appointments, which often used website content scraped from official sites. These were supported by fake social media and email addresses.

Conclusions

Email is the app that made the Internet. It moved us from a world of memos and letters, but it is now the main attack vector against us.