Global Status of Email Security

AnubisNetworks By AnubisNetworks • June 5, 2021

Email Security is on the tip of the tongue with all the cases happening in the world.

On April 29th, NPR.org reported President Biden’s executive order to establish a process that will better protect the US from sophisticated cyberattacks, including modernizing standards for software and cybersecurity systems. The government’s efforts are in response to the SolarWinds cyberattack linked to Russian hackers that compromised the software company’s routine software updates and had access to the network for nine months.

However, the rise of stealthy cyberattacks is not unique to the US. Cybercrime has shot up by 600% due to the COVID-19 pandemic, with malicious actors exploiting network security and email server vulnerabilities and weak cybersecurity protocols. And with ransomware attacks rising worldwide by 350% in 2018, experts predicted that a new company would fall victim to an attack every 11 seconds, and cybercrime-related damages would reach $6 million trillion annually by 2021. These predictions carry weight as stories of the recent Microsoft Exchange Server attacks unfold.  

Email Servers Worldwide Compromised in Attacks Targeting Microsoft Exchange

Globally, tens of thousands of companies have had their email servers compromised as Microsoft Exchange Server attack attempts occur each day and doubling every few hours. An estimated 250,000 servers worldwide have already fallen victim to attacks following the discovery of four zero-day exploits in on-premises Microsoft Exchange Servers.  

According to CheckPoint Research, the countries most attacked following Microsoft Exchange Server’s four zero-day vulnerabilities include the US, Germany, the UK, The Netherlands, and Russia. The most targeted industries are the government and military, manufacturing, banking and financial, software vendors, and healthcare. However, all companies are at risk, with other sectors making up 35% of targeted organizations.  

On March 2nd, Microsoft released security updates on Hafnium, the threat actor operating from China identified to target entities in the US, including defense contractors, infectious disease researchers, and NGOs. The updates addressed Hafnium’s more recent attacks targeting on-premises Exchange Server software to exploit vulnerabilities and gain access to gain control of servers remotely. According to investigations on the vulnerabilities, attackers could gain access to individual email accounts without authentication and, in some cases, could take over the email server completely.

Takeaway 

To remain protected and prevent future attacks, the latest patched versions need to be applied immediately. Because updates are not automatic and must be performed manually, many organizations don’t use critical updates as they become available. Those who don’t act quickly enough find themselves vulnerable to cyber attackers taking advantage of slow patch processes.

Email attackers continue to evolve with reports that supply chain fraud is on the rise, overtaking CEO fraud and predictions that the email attack cycle will continue to shorten. Phishing will also become increasingly more targeted as hackers target identities rather than devices.

Because your email server is the gateway to over 94% of malware attacks, you'll need to arm yourself with a different, evolved layer of defense to protect against server compromise and data theft. AnubisNetworks’s platforms use sophisticated mechanisms and technologies to stay ahead of the latest email threats. Ask us about how our Email Security Platform integrates seamlessly with any email system, including O365 and G Suite platforms, as well as many other Email systems, such as Sandbox, AVs, and Archiving systems.

To see our service in action, request a 30-minute demo today.