Email-based attacks are one of the most popular attack vectors leveraged by cybercriminals and hence email security is of paramount importance. OryxLabs’ recent report provides recommendations on how companies in the UAE can enhance their email security.
OryxLabs, a leading United Arab Emirates (UAE) cybersecurity firm providing Internet-scale platforms for monitoring and protection, has published a report that assigns an Email Authentication Deployment Score (EADS) at a national level in the UAE for the first time. This rating is based on actual network data that was collected, processed and analysed to give an accurate, on-the-ground account of the state of email authentication in the country.
The research paper, State of the Nation – Email Authentication in the UAE, is based on data drawn from over 1 million domains utilising the .AE extension. From that set, 134,000 domain names used for email exchanges in the UAE were selected for further analysis. The report utilised over 4 million Domain Name System (DNS) queries with more than 40 evaluation parameters per domain and an analysis of 5 million data points to paint the final picture of email security.
The score is based on the implementation – or lack thereof – of three fundamental and complementary email security protocols: Sender Policy Framework (SPF); Domain Keys Identified Mail (DKIM); and Domain-based Message Authentication, Reporting and Conformance (DMARC). Working together, these protocols help ensure emails purporting to be from an organisation actually come from the organisation and that they haven’t been tampered with in transit.
Commenting on the publication of the report, Sumit Dhar, CEO of OryxLabs, said: “This really is a fundamental paper. Email-based attacks are the most common way for hackers to target an organisation and this popularity is in part due to the relative ease of execution and high efficiency of such attacks. Attackers can easily pretend to be a trusted party and trick the victim into actions detrimental to his/her organisation.”
Dr Rudy Guyonneau, Director of Research at OryxLabs and the Lead Author of the report, added: “This report, in bold factual numbers, for the first time provides a score sheet on the implementation of email authentication. It references the financial and reputational cost of email breaches to firms; and highlights proposed areas and methods of improvement for email authentication.”
Email-based attacks are extremely popular within the cybercriminal arsenal. From low-level, opportunistic scammers, to nation state-backed groups, the usage of such attacks continues to grow. Cyber-attackers and scammers leverage surprise and psychological techniques to mislead employees into interacting with malicious emails, driving them to take actions they would not ordinarily. This may result in malware infections, Business Email Compromise, or even the theft of credentials.
A report from IBM – Cost of Data Breach 2021 – estimates the average total cost of a single data breach caused by phishing, including business email compromises, at US$5 million, while Cisco’s 2021 Cyber Security Threat Trends estimates that 86% of organisations surveyed had at least one user attempt to connect to a phishing site.
The overall absolute EADS score for the UAE is on-par or slightly higher than scores observed worldwide. That said, efforts are required across the board to enhance the state of email protection. A deep dive of the report’s results provides visibility into the actions that need to be taken for an efficient improvement of the situation.
Observations include the fact that while SPF can be easily implemented, it remains at a relatively low deployment score. The implementation of DKIM for the UAE is surprisingly high for the oft-overlooked protocol, and DMARC is neglected by most organisations and would be a strong factor of improvement.
On a positive note, email authentication is easy to implement relative to the protection it provides. As such, it is strongly advised that SPF, DKIM and DMARC be deployed efficiently across all organisations and prioritised at critical ones that have not yet implemented it.Click below to share this article