Sony Breach and Email Security: What Can You Do?

In view of Sony's recent data breach and the ominous warnings from cyber security experts that we can expect a further rise of cyber-attacks in 2015, now is a good time for organizations to review their security systems and make sure that robust defenses have been put in place.


In an interview with Forbes, Roberta D. Anderson, partner at K&L Gates LLP and co-founder of the firm's global Cyber Law and Cybersecurity practice group, said: "We increasingly see the use of custom malware that antivirus software—even up-to-date software—cannot detect. That custom-tailored malware often is introduced through increasingly sophisticated social engineering exploits."

According to CNN: "this year's Obama administration report found that so-called phishing attacks—where users are duped into clicking links that open systems to hackers—are the most widely reported cyber incident."

Since targeted attacks are often engineered through phishing and email malware attacks, organizations need to make sure that their email systems are capable of detecting and countering these types of attacks. Analysts believe that the Sony breach, for example, likely began with phishing attacks where employees were tricked into downloading attachments or visiting websites that introduced malware onto their systems.

As Anderson mentions, targeted attacks are custom made and as such tend to go undetected by most anti-malware engines. Although anti-malware engines use heuristic analysis to look for unknown threats, these methods are not foolproof and can be bypassed.

Here are three ways in which you can boost your protection against these targeted threats:

1. Use Multiple Antivirus Engines

By using multiple antivirus engines to check email attachments, you not only combine several signature databases but also make use of multiple heuristic engines and threat analysis techniques. This significantly reduces your vulnerability to targeted attacks, as well as to threats designed to bypass a specific engine's detection capabilities.

2. Sanitize Email Attachments

Converting email attachments to a different format safely removes any embedded scripts or potential threats. For instance, PDFs and Word documents are commonly used in malware attacks. By converting a PDF file to a Word document and vice versa, these attacks can be prevented.

3. Block Spoofed File Types

To bypass filters and fool recipients, attackers spoof email attachments so that they appear to be of an innocent format. For instance, most users will know not to click on .exe attachments, but a .txt file will seem harmless to most. By verifying file types, you can block email attachments with spoofed file type extensions, preventing dangerous attachment types posing as safe files from entering your organization.
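The file type verification described above can be sketched as follows. This is an added example, not code from Policy Patrol or Metascan; the function names, the small signature table and the sample message are all constructed for illustration.

```python
import os
from email.message import EmailMessage

# Well-known leading-byte signatures (a small subset, for illustration).
MAGIC = [
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip"),                        # also .docx/.xlsx containers
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole"),  # legacy .doc/.xls
]
# Content types each extension may legitimately contain (None = no signature).
ALLOWED = {
    ".pdf": {"pdf"}, ".zip": {"zip"}, ".docx": {"zip"}, ".doc": {"ole"},
    ".exe": {"pe"}, ".txt": {None},
}

def sniff(data):
    """Return a content type derived from the bytes, or None if unrecognised."""
    if data[:2] == b"MZ" and len(data) >= 0x40:
        pe_off = int.from_bytes(data[0x3C:0x40], "little")  # e_lfanew field
        if data[pe_off:pe_off + 4] == b"PE\x00\x00":
            return "pe"
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return None

def spoofed_attachments(msg):
    """List (filename, claimed extension, sniffed type) for mismatches."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = os.path.splitext(name)[1].lower()
        kind = sniff(part.get_payload(decode=True) or b"")
        # Unknown extensions are reported too: fail closed rather than guess.
        if kind not in ALLOWED.get(ext, set()):
            findings.append((name, ext, kind))
    return findings

def build_sample():
    """Constructed message: one honest PDF, one PE image named notes.txt."""
    pe = b"MZ" + b"\x00" * 58 + (0x40).to_bytes(4, "little") + b"PE\x00\x00"
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    msg.add_attachment(b"%PDF-1.4\n%%EOF\n", maintype="application",
                       subtype="pdf", filename="report.pdf")
    msg.add_attachment(pe, maintype="application", subtype="octet-stream",
                       filename="notes.txt")
    return msg
```

Calling `spoofed_attachments(build_sample())` reports only `notes.txt`, whose bytes are a Windows executable header despite the `.txt` extension.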

By implementing an email security solution such as Policy Patrol Mail Security in combination with Metascan multi anti-malware scanning, data sanitization and file verification technology, you can significantly increase your defenses against advanced threats and targeted attacks.
