Email security and management firm Postini report what it claims are dramatic vulnerabilities for small businesses and certain vertical industries that are experiencing much heavier attacks than other types of companies.
The findings show that even as attention to the cost and prevention of spam reached a high point in 2004, threats to email systems grew worse as the incidence of spam remained at 75 to 80 per cent of email. Virus attacks also grew threefold, and directory harvest attacks (DHAs) continued to plague corporate email servers.
Report findings include: Smaller companies, such as those with 100 users or less, received up to 10 times more spam per user than large businesses (10,000 users or more).Certain industries, including publishing, advertising, legal, and real estate, received more than 10 times the amount of spam per user per day than organisations in banking, financial, manufacturing, electronics, food and beverage, and pharmaceuticals. The average company experienced 150 directory harvest attacks per day, making this type of attack the least visible and most underreported threat in 2004.Virus infected emails tripled as a percentage of all email, encompassing 1.5 per cent of all emails in 2004, up from 0.5 per cent in 2003.As much as 1 per cent of all spam is some variety of phishing, a particularly threatening act of sending email apparently from legitimate senders to trick users into revealing their passwords or confidential information. More than one third of all spam is sent by zombie networks that use innocent victims’ computers as a conduit for delivering spam to others.
What they say
“What we’re seeing is a profound increase in the sophistication and incidence of tactics designed to fool conventional anti-spam filters,” said Scott Petry, founder and senior vice president of products and engineering at Postini. “Spammers are also finding smaller companies more susceptible to attack since they typically have fewer and less sophisticated defences in place than larger enterprises.”
The report claims that DHA attacks are alarmingly widespread, with the average attack consisting of 250 invalid email deliveries attempts. The result is that the average company is plagued by almost 40,000 invalid delivery attempts per day.
The report predicts an intensified battle against spam that will continue to escalate as email threats evolve at a faster pace. “Postini’s predictions for 2005 are consistent with what we see ahead in the email security landscape,” said Matt Cain, industry analyst with the Meta Group. “More sophisticated, phishing style attacks will proliferate as bulk spamming scams decrease in effectiveness. We see dynamic, fast moving threats such as zombie networks posing particular challenges to corporate systems.”
As a result, solutions will need to take a more holistic approach to email security in the coming year, spanning anti-virus, anti-spam, and network level attacks such as DHAs according to the Postini report. “Filtering on email contents will continue to diminish in effectiveness, giving way to more sophisticated sender behaviour analysis,” added Petry.
As an email security managed service, Postini says it performs real time inspection of every IP address that sends email to any of its customers. Based on patent-pending IP behaviour analysis, Postini detects that certain SMTP connection patterns are indicative of malicious behaviour, enabling Postini to block connections without needing to see the actual message. Processing more than 450 million inbound SMTP connections every day from 10 to 15 million distinct IP addresses, Postini says it blocks about half of all SMTP connections while the balance of messages are screened by content filters. What the firm calls this multi-layer approach incorporating real-time IP analysis has proven effective, the firm claims, in combating the shifting tactics of spammers during the year. Based on processing of business email, the Postini Email Security Annual Review and Threat Report is available for download.
