In keeping with 2020’s main business trend, 2021 will be one where remote work will likely be the norm and thus more conversations, advertising, and beyond are likely to be conducted via email than ever before. This also opens new doors for email security hackers looking to enter our inboxes.
Prior to 2021, the pace of expanding remote work in many sectors was slow both due to perceived safety and security concerns but also a belief that it could not be done well. The coronavirus pandemic changed things, forcing many forms towards accepting the new reality and adapt.
Firms with more developed remote work strategies already in place were able to move forward faster and more securely to keep ahead of their competition, while others have been playing catch up. Given that remote work will remain a top priority for 2021 even asthe pandemic subsides, businesses need to pay spe ial attention to e-mail security.
To gain an insight into which trends are likely to grow, and what the new threats are on the horizon, Digital Journal spoke with experts from the email security startup Vade Secure. The focus of the discussion was around e-mail centric security issues
Thread hijacking will grow
According to Sébastien Goutal, who is the Chief Science Officer at Vade Secure, a new formof attack will be on the rise in 2021: “A technique featured in the wave of Emotet malware attacks, thread hijacking is a major email security threat that will grow in 2021.”
Goutal adds: “The technique consists of using existing e-mail conversations and having victims spread the threat to new victims. This is using tools like Outlook Scraper. With this, Emotet gangs obtain access to email threads on infected computers. Here hackers can trick recipients to click on a malicious link or open a weaponized Word document.”
Looking at this growing form of attack further, Goutal says: “Thread hijacking is highly successful for two reasons.First, because the malicious email is sent from a trusted sender. Second, the context of the existing discussion drop the guard of the targeted recipients.”
Thing will not simply stop here, explains the Chief Science Office: “We can expect to see an increase in other advanced techniques featured in Emotet campaigns, including techniques that bypass anti-virus engines (software that applies antivirus scanning techniques to content), such as the process of code obfuscation in Word documents.”
Remote image-based threats will push email security filters to their limits
Looking at a different e-mail security topic for Digital Journal is Damien Riquet, who acts as the Research Engineer at Vade Secure. He says: “Building on the success of image manipulation techniques to bypass email filters, hackers are now using remote images to store malicious textual content. Unlike images embedded in email, remote images must be fetched over a network. Detecting a remote image over a network is complex. It cannot be done in real time.”
In terms of preventitive actions, Riquet recommends: “While Computer Vision can analyze and extract relevant content from images it’s expensive and not widely available in commercial electronic mail filters. So, we can expect to see more hackers using remote images in 2021.”
Compromised accounts will present new opportunities
Looking at e-mail accounts, Adrien Gendre, the Chief Product and Services Officer, warns: “Compromised accounts are at the heart of the thread hijacking techniques in this year’s Emotet attacks. But they’re also being used in increasingly clever ways, including large spam waves.”
Business email compromise will go global
Returning to the discussion, Sébastien Goutal looks at a wider corporate threat: “The growth in business email compromise and difficulty in detecting it has led to new advancements in content analysis via artificial intelligence. However, most algorithms struggle to detect BEC in foreign languages.”
This form of threat has become truly global: “Initially, there was a lot of business email compromise in English and French. Now we are seeing BEC written in Italian, Spanish, German, Slovenian, and so on.. This is a problem because a lot of security vendors focus on English language only, as they are American-based companies.”
This means tougher cybersecurity measures are needed:. The analyst further notes that attacks will become more sophisticated: “Additionally, targeted business email compromise attacks will give way to more broad attempts. Previously, business email compromise emails would target key employees in certain departments, such as accounting and HR, but that’s changing. Today, a single email can target 30 employees in a five-minute time frame.”
Vendor impersonation will exploit trust in cloud services
Considering an alternative form of attack is E.J. Whaley, the Channel Sales Engineer at the company. Whaley notes: “Accustomed to receiving emails with Word, PowerPoint, and Excel attachments or links to shared Microsoft 365 documents, users trust Microsoft and other cloud services they use most. Even if an email is suspicious, curiosity will always be piqued by an attachment. This make users extremely vulnerable to vendor impersonation, which involves a hacker impersonating the supply chain.”
Hackers—and businesses—will get personal
Concluding the discussion, Damien Riquet returns to the conversation. He looks at how hackers will attempt to get under the radar, via: “Pandemic fatigue. Wildfires. Elections. Social tensions. The anxiety and stress of global events are taking a toll on citizens across the world. Hackers have exploited this fact to great effect in 2020 and will continue to do so in the coming year.”
