E-Mail Remains #1 Cyberthreat
June 19, 2012
Attention, Wall Street CEOs.
Electronic mail remains the number one threat to the security of financial services firms, said the FBI agent in charge of the New York Office of the Cyber Division of the Federal Bureau of Investigation.
Despite advances in filters for spam and fraudulent communications, e-mail remains the number one threat because it operates “just like a post office,’’ said special agent Mary E. Galligan Tuesday at the 2012 Technology Leaders Forum of the Securities Industry and Financial Markets Association in New York.
One of the worst data breaches in 2011 involved the RSA security unit of EMC, the storage company. The breach was a direct outgrowth of mishandling of electronic mail, she said.
RSA supplies SecureID tokens to users that generate random numbers that are input into a computer as a higher level of security than user names and passwords for making sure only an authorized person is gaining access to a network. This is possibly the world's most-used so-called “two-factor authentication” system.
According to Galligan, RSA’s message filters rightfully sent an email from an unrecognized party into the security company’s junk mail file. But an employee went into the file, saw that the email was related to “recruitment and retention” and opened it.
That launched malicious code that gave an unauthorized party or parties – later traced to be originating in China – not just access to its network, but control of it.
“They owned the whole system,’’ Galligan said.
The cyber security firm was intruded upon "in the simplest of ways," she said.
Chief executives of capital markets firms, she said, need to set the tone in their organizations for proper use or avoidance of email.
Constant, continuing education on the dangers is required and encouragement that staffs should call their technology teams any time that they suspect an e-mail might not originate from a known party.
Staff members even should be encouraged to call each other, in some cases, to just ask if a particular email did in fact get sent by the colleague.
The CEOs themselves have to take extra precautions to avoid what is known as spear-phishing, were messages key on known facts about an individual and makes it seem as if the communication does originate with a familiar party.
That means total avoidance of posting any personal information on social media sites, such as LinkedIn or Facebook.
And extreme caution about opening up attachments, such as text files or spreadsheets. Galligan recommends that CEOs and other top managers open attachments on their Blackberry phones, to quarantine any malicious code that might be launched.