The cybersecurity risks in the most-popular email programs by Google, Microsoft and Apple are bigger than most users imagine. Where are the weaknesses and is there anything we can do about them?
In its recent article, the reputable US media CNBC presents a brief, but a valuable overview of the aging email technology used by most of us on daily basis. According to CNBC, each month, Microsoft Defender for Office 365 detects and blocks close to 40 million emails containing Business Email Compromise, or BEC, and blocks 100 million emails with malicious credential phishing links.
Back in January 2021, Microsoft announced that its software, specifically the software running some Microsoft Exchange servers, had been hacked by a criminal group sponsored by the Chinese government. Further, the company said, everyone using the software was vulnerable until it was patched.
All over the world, organizations of all sizes, including small businesses, scrambled to upload patches and to figure out if they’d been infiltrated. Despite the efforts, some were still ensnared; at least 200 ransomware attacks were attributed to the hack, with some businesses losing millions as they paid the criminals. The hack helped to highlight the vulnerability of the 32 million small businesses, many of which can’t afford to hire cybersecurity companies and that mostly rely on the built-in security features of software and hardware companies, giants like Google, Microsoft, and Apple. Though the companies have made progress and the problem isn’t new, there are still vulnerabilities, especially in email and other software programs, including operating systems, that were designed long before the current rash of cybercrime and cyberespionage.
Email’s ‘old age’ is a problem
Many of the issues with today’s technology stack stem from the fact that some parts of it were developed long before cybercriminals became such a problem. “Email is an ossified product,” said Mallory Knodel, chief technology officer of the Center for Democracy & Technology, a nonpartisan group that promotes digital rights. Some of its donors are big technology companies.
Instead of building in default security features to basic software, the big companies that dominate the space have generally left it up to the cybersecurity market to layer on security, which has resulted in huge growth at a new category of companies, like CrowdStrike and Mandiant, recently acquired by Alphabet.
But Knodel says adding more controls or filters to email, in particular, might raise digital privacy concerns. “I can see people saying, ‘I don’t want Google reading my emails.”’
In complex products, she added, new security measures can be counterproductive. “With layers of security, there can be tradeoffs and some can work at cross-purposes.”
“Microsoft takes email security very seriously,” said Girish Chander, head of Microsoft Defender for Office, in a statement to CNBC. He said the company’s strategy to combat email-borne attacks is built on three principles: research-informed product innovation, taking the fight to the attackers by taking down attack networks and focusing on helping organizations improve their posture and user resilience.
Each month, Microsoft Defender for Office 365 detects and blocks close to 40 million emails containing Business Email Compromise, or BEC, blocks 100 million emails with malicious credential phishing links and detects and thwarts thousands of user compromise activities.
The company’s data highlights how many attacks take place daily, worldwide, as well as the way the giant technology companies have also become players in cybersecurity. Google’s acquisition of Mandiant was priced at $5.4 billion. Microsoft is both the supplier of software, and the seller of services to protect it, through its Microsoft Defender for Office.
You can read the whole text if the article here.
If this information is helpful to you read our blog for more interesting and useful content, tips and guidelines on similar topics. Contact the team of COMPUTER 2000 Bulgaria now if you have a specific question. Our specialists will be assisting you with your query.
Content curated by the team of COMPUTER 2000 on the basis of marketing materials provided by our partners/vendors.